Dos and don'ts for IT GRC success


Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CSO, Computerworld, InfoWorld, IT World and Network World Learn more.

DO agree on an IT-GRC implementation strategy. Moving disjointed, manual processes into an automated, centralized tool is an enormous undertaking. While a giant boa constrictor can unhinge its jaw and swallow a large mammal whole, that strategy is not advisable for your enterprise.

Choose a high-priority area for your initial implementation, preferably one that will produce a quick ROI. This will give you a record of success to build on and give you and the users a working knowledge of how to use the software, assess its value and share their knowledge with others. Take a top-down approach that will serve as a model as you expand, rather than a controls-centric tactic that won't scale well.

This first deployment should be initiated in the context of a larger plan for rolling out the IT GRC across the enterprise. After all, the goal is a centralized, automated, standards-based enterprisewide deployment.

You're viewing Insider content

You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies