Part 2. Why You Shouldn't Ignore Customisation
Put simply it is essential that your GRC System reflects your business’ needs. Your system needs to work for you like a member of the team. If not, your system stops supporting your risk and compliance activities and becomes an administrative burden, just like a legacy system. At the very least; layout, ordering, editing existing fields and adding or removing should be customisable by business users (not just IT).