The Business of Defense

How one company grew a risk management SaaS platform from boardroom governance beginnings


It all began as way to ensure the safety of information — often detailed internal financial records — being shared between companies and the members of their boards of directors.

Think about how unnerving it is “find yourself sending the most sensitive material you have to people who are not full-time employees,” said Brian Stafford, president and CEO of Diligent, as he harkened back to the initial focus of the company.

“What Diligent started out as was an incredibly secure way to take and lock down that communication that you would have with your board members,” he shared during an interview for the American Society of Military Comptrollers’ The Business of Defense podcast on Federal News Network.

Using technology to secure corporate financial information and communications led to the development of risk management expertise within the company and to the expansion of the services Diligent offered its clients.

“Over time, we’ve grown much broader than that,” Stafford said. The company in addition to providing governance and risk management added audit and compliance — and inherently data analytics derived from the information gathered to be able to track and audit against governance policies.

We asked Stafford to talk about how that translated into Diligent being able to develop new services for clients, particularly large financial institutions, and why those technical skillsets align well with the needs of the government right now.

Risk management: continual shifting landscape

All corporate boards fixate on risk — and reining it in, Stafford said. In turn, that meant Diligent has had to be able to address each distinct risk and the related audit and control factors, “whether it’s risk around cyber, whether it’s risk around your enterprise risk management program or areas like climate risk,” he said. (See sidebar, “Making the decision to lean into ESG.”)

That work led Diligent to continually expand the capabilities and features of its SaaS platform. “As the risk landscape continues to broaden, we get pulled in and asked to help address and provide solutions around how organizations help manage each of those disparate discrete risks,” Stafford said.

And in a post-pandemic world, the risks continue to accelerate and evolve, he noted, because of the expanded virtual and hybrid environments that organizations now maintain.

As an example, he pointed to managing and understanding artificial intelligence, which C suite executives frequently ask about. AI admittedly creates huge opportunities, Stafford said, “but do you really know how many different projects you have going around your organization and what the potential risk and opportunity with each of those projects are?”

Addressing risk management in government

Diligent’s long history working with banks — in highly regulated and secure environments — spurred it to pivot and begin also offering its SaaS platform to government.

“We’ve invested a ton to make sure that platform is secure for a Defense or federal government environment as well,” he said. “We are FedRAMP moderate certified, and we’re also Impact Level 5 from a Defense perspective.”

The corporate world has evolved governance more quickly than the government and in different ways, Stafford said. As such, agencies now face more risks simultaneously as they take the time necessary to develop governance, audit and compliance programs, he added.

But the challenges are nonetheless comparable, Stafford said. “There are different forms of governance that exist,” he said. “But the idea of having highly secure tools that offer the highest level of security to distribute documents in an incredibly secure fashion applies to any part of the world or any department you operate in.”

Making the decision to lean into ESG

As companies began to look at how environmental and social efforts could impact business — both positively and negatively, Diligent decided to go all in on environmental and social governance, or ESG.

“Just like our history in audit and control software, we have a carbon accounting software program that we’ve created, which helps organizations of any size manage their Scope 1, Scope 2 and Scope 3 emissions,” Diligent President and CEO Brian Stafford said. “Anyone you would talk to, within the government or outside of the government, would say, ‘Look, the reality is, we need to at least track and measure what our carbon footprint is.’”

That reality has driven growth for Diligent, Stafford said. It makes sense because, as he noted, “just like financial commitments, any sustainability commitments people are making, you want to make sure you have the ability to audit them.”

It’s been a draw for the company’s corporate clients, and Stafford suspects it will also be of interest to federal agencies as they become required to make disclosures about their zero-carbon emission efforts.

“I fundamentally believe that being more transparent about these things, putting data and information out there, allows people to make choices around which vendor or partner they want to work with or which company they want to work with,” Stafford said. “And I think that, ultimately, will steer us all in the right direction.”

To listen to the full discussion between Brian Stafford, President and CEO of Diligent, and Rich Brady, CEO of ASMC, click the podcast play button below:

Discover other The Business of Defense podcasts here.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.