We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Manage Tomorrow's Surprises Today

Steven Minsky

How to Choose ERM and GRC Software: SaaS vs On-Premise?

Vote 0 Votes

unidentified risksOne of the most frequently cited differences between Software-as-a-Service (SaaS) and On-Premise installations is the degree of flexibility between each type of solution. With SaaS solutions on the rise for GRC and Risk Management Software, more and more organizations are realizing that everything they thought they understood about the differences between SaaS and On-Premise is wrong. So what can we learn from their mistakes?

A Conflict of Interest

On-Premise vendors make about 50% of their revenue from professional services. Your company pays for unique code to develop a platform that will work for you, but that unique code introduces a huge burden on your program.

When new practices are introduced, the vendor has to come back for more custom code, and - here's the key - they have to do that for every customer just like you. Costs are exacerbated by the need to test any changes against previous customizations for backwards compatibility. Why would an On-Premise solution develop a flexible platform when it's in their own self-interest to develop highly customized (e.g. costly) systems? These costs are passed along to customers in the form of professional services, and that lose-lose proposition is driving customers to SaaS solution.

Professional Services vs Self-Service

Contrast that with SaaS vendors. True SaaS vendors are supporting what amounts to one configurable product, and their customers are typically paying a quarterly subscription. With customers never locked in longer than the next 90 days, and without professional services or customization fees as a revenue stream, SaaS vendors must focus on ease-of-use, and end-user configurability. Without this focus on customer satisfaction, customers will have no incentive to continue their subscriptions.

The alignment of vendor and customer priorities produces three critical advantages for SaaS customers:

  • A more flexible, easy-to-use platform that doesn't require customization through professional services.
  • Cost savings for the customer and a more transparent fee structure.
  • A platform that never becomes obsolete, and updates frequently to accommodate industry trends.

Flexibility: Perception vs Reality

The perception of SaaS systems is that while they're faster to implement and more cost effective, they are not flexible enough to accommodate organizations with complex business process structures or unique requirements.

That's a common refrain reiterated by traditional, hosted solutions, who frame the customization as a characterization of their solution by saying, "It's not complicated, it's robust."

The reality is that by demanding professional services to meet unique requirements, the customer is actually losing flexibility. Think back three years ago. How many times has your specific department changed its way of operating? None at all? Congratulations on working in Print Journalism!

Every organization has constant change. On-Premise solutions capitalize on this change by requiring professional services, but these changes take months, even years to implement. These configurations also cost money, so you'll need a change order and some level of management approval to get what you need.

SaaS solutions are afforded no such luxury. For SaaS vendors, changing business processes are not drivers of revenue, flexibility is what drives new revenue. The ability for customers to easily and efficiently configure the solution themselves to meet new requirements allows a SaaS vendor to make existing customers happy, and meet the needs of a business environment ripe with change.

So, which five questions should you ask customer references when evaluating a software?

1) How much has your organization paid in professional services to your GRC vendor?
2) How long did it take from contract signing to your 1st day of actually using the software in your job?
3) How long did it take to make a change in your configuration?
4) How often are feature enhancement releases made to the core software?
5) How many users have actually logged in at least once in the past year?

Download our ERM Software RFP Template for an analysis of business requirements necessary for successful ERM or GRC implementations.

Leave a comment

In this blog, risk expert Steven Minsky highlights the differences between traditional risk management and true enterprise risk management, which is about helping things happen rather than preventing them from happening. Manage Tomorrow's Surprises Today is designed to help you think about risk in new ways and learn how to benefit practically from this rapidly evolving field.

Steven Minsky

Steven is the CEO of LogicManager, Inc. the leading provider of ERM software solutions. Steven is the architect of the RIMS Risk Maturity Model for ERM, author of the RIMS State of ERM Report among many other papers, and a RIMS Fellow (RF) instructor on ERM. Steven has conducted ERM and RIMS Risk Maturity Model training for hundreds of organizations around the globe. Steven is a patent author of risk and process management technology and holds MBA and MA degrees from the University of Pennsylvania’s Wharton School of Business and The Joseph H. Lauder Institute of International Management. You can reach Steven at steven.minsky@logicmanager.com.

Recently Commented On

Monthly Archives