Customer Advisory Group

Think Big - Start Small - Work Smart with CAG

  • Home
  • About
    • Mission
  • Services
    • SAP & CAG Project Rise - ​Resilient Access Governance for the Transition to the Cloud
    • SAP Compliance Assessments and Roadmap Development
    • GRC - Access Control Implementations
    • GRC - Process Control Implementations
    • SAP Security Role Remediation and Re-design
    • GRC & Security Support Services (SmartSourcing)
    • SAP S/4 HANA Upgrade Services
    • Pathlock AVM Implementation Services
  • Testimonials
  • Events and Discounts
  • Contact Us
  • Blog
Let's Talk!

[email protected]

Call Toll Free: +1-888-477-4950
MENU
  • Home
  • About
    • Mission
  • Services
    • SAP & CAG Project Rise - ​Resilient Access Governance for the Transition to the Cloud
    • SAP Compliance Assessments and Roadmap Development
    • GRC - Access Control Implementations
    • GRC - Process Control Implementations
    • SAP Security Role Remediation and Re-design
    • GRC & Security Support Services (SmartSourcing)
    • SAP S/4 HANA Upgrade Services
    • Pathlock AVM Implementation Services
  • Testimonials
  • Events and Discounts
  • Contact Us
  • Blog

Our Blog

Halloween Analyst Magic!

11/7/2013

4 Comments

 
Picture
Halloween Analyst Magic

Well it’s Halloween and time for Analyst Magic.  Gartner has published the Magic Quadrant for GRC, and all the other analysts seeking engagements of course are tweeting and blogging about what is right and wrong with the results.   Just like Mike and Mike in the morning giving their analysis of the sporting teams, there is usually one person in the conversation that has at least played in the sport.  The difference with our GRC analysts is very few of them have even helped or touched the applications they analyze.  And most base their results on vendors who had to pay to get them to visit and customers who have asked for their wisdom and paid dearly.  Unfortunately, the most they learn is by listening to the customers and to the vendors.  Having been in both places, and hands on with many of the products, I would like to point out some of the many flaws:

Much of the criteria are highly subjective. Market penetration for example is usually based on the acquisition of customers, and not by who is getting a return on their software investment.  Opinions are cheap, just like the sports analysts; they vary by the biases they have developed over the years.  In addition, all of the product evaluations are done based on demos by the vendors.  And you can bet these are well orchestrated and planned to impress.  Often they are geared to what the analysts ask about.  Usually this is guided by customer inquiries.  These are collected from primarily paying customers, or references that have been carefully selected by the vendor for the analyst to contact.  

I have been a customer and the only discussion I found worthwhile with any of the analysts was to get their idea of the price ranges I should expect before entering the negotiation process of the hardware of software acquisition process.  In the case of GRC, these can vary widely.  And there is a wide range of product capabilities.  In most cases the “enterprise” tag given by the analysts is only indicative of the breadth of the product.  The depth of the product is often overlooked, but a lot of attention to “look and feel” and user “friendly” criteria.  One evaluation I saw presented during my days with SAP by an analyst was a demo, which got great accolades for an improvement in the user interface.  And it was the same interface they had seen in the previous year, but the Demo Witch made it appear much better…. more smoke and mirrors.  

Before you enter the haunted house of the GRC market, my advice is to ignore the analysis paralysis on useless features and concentrate on the road to Return on Investment.   This will allow you to seek out not only the software that is the best fit but also the best practices that help you gain the best utilization from the product.  The combination of the two is what makes the GRC ghost and goblins go away and reality to appear!  

Gary


4 Comments
Janani link
3/29/2016 06:09:03 am

Great Article..It was very informative..I need more details from your side..include some tips..I am working in <a href="http://www.excelanto.com">Erp In India</a>

Reply
Rajalakshmi.V link
9/30/2016 10:11:07 pm

I like this blog, saved to my bookmarks.I have got some important suggestions from it, specially your service.I'm working in<a href="http://fuzzyinternational.com/"> Fuzzy International private limited.</a>

Reply
Rajalakshmi.V link
9/30/2016 10:11:23 pm

I like this blog, saved to my bookmarks.I have got some important suggestions from it, specially your service.I'm working in Fuzzy International private limited.</a>

Reply
Rajalakshmi.V link
9/30/2016 10:11:40 pm

I like this blog, saved to my bookmarks.I have got some important suggestions from it, specially your service.I'm working in Fuzzy International private limited.

Reply

Your comment will be posted after it is approved.


Leave a Reply.

    RSS Feed

    Picture

    Authors

    Assorted Members of the CAG Team providing insightful information on current topics related to GRC, Security, and Audit.

    Archives

    July 2016
    February 2016
    September 2014
    June 2014
    March 2014
    February 2014
    November 2013
    November 2012
    October 2012
    March 2012

    Categories

    All

Navigation

About Us
Our Mission
Our Services
CAG Blog
CAG Customer Forum

Contact Us

Picture

Customer Advisory Group © 2022  All Rights Reserved