I read a very interesting post by Michael Rasmussen showing that Microsoft is the largset GRC (Governance, Risk and Compliance) vendor – because of the widespread usage of Office, Outlook(and now Sharepoint)  as the tool of preference  for GRC management in most organizations. He estimates the size of that market (GRC implemented in MS tools) to be around $24B-$26B.That certainly fits with what we see in Risk Management Processes (Audits, Compliance etc.) market – Word, Excel and Outllook reign supreme.

He would like to see companies move to other platforms for GRC, making process management much simpler (especially regarding non-repudiation, audit & integrity and data overload). . We on the other hand see this as a great opportunity for Human Process Management in general, and ActionBase in particular. We think that letting people remain in their familiar Office and Outlook environments, while providing the structure, monitoring and management needed is a better way to go forward. People get to stay in their familiar environment – but now the organization ensures non-repudiation, audit & integrity and data overload.

That is what I called GRC JuJitsu – instead of fighting the widespread usage of Office and Outlook – lets leverage it.