• What's next for GRC?

    Posted August 23, 2012 - 3:24 pm

    Today's governance, risk management and compliance (GRC) software has useful features that can help organizations get a better handle on how they're managing risk, security and compliance issues.
  • Pulling it all together: a special report on GRC

    Posted August 22, 2012 - 3:12 pm

    I like the concept of governance, risk and compliance (GRC) for two reasons. One reason is completely tactical, the other completely conceptual. First, the tactical: compliance complexity reduction. This garbled regulatory compliance landscape is madness. Madness! Every year for six years running, more than half of our State of the CSO survey respondents have said they will spend an increasing amount of time on regulatory compliance work.
  • 3 security acronyms to avoid (and 3 to embrace)

    Posted October 13, 2011 - 8:02 am

    Today's security trends are the usual acronym soup. Here are 3 you'd do well to avoid and 3 worth your attention.
  • SAP takes on IBM, Oracle with new GRC suite

    Posted March 23, 2011 - 9:16 am

    SAP is hoping to cement its foothold in the growing market for GRC (governance, risk and compliance) software with a new suite, announced Wednesday, that is nearly three years in the making.
  • Dos and don'ts for IT GRC success

    Posted March 7, 2011 - 9:47 pm

    DO agree on an IT-GRC implementation strategy. Moving disjointed, manual processes into an automated, centralized tool is an enormous undertaking. While a giant boa constrictor can unhinge its jaw and swallow a large mammal whole, that strategy is not advisable for your enterprise.
  • IT GRC tools: Control your environment

    Posted March 7, 2011 - 9:45 pm

    As enterprises approach a high level of maturity in their IT governance, risk and compliance (GRC) programs, they face a conundrum: How can they effectively implement and manage policies and their supporting controls to maintain a strong risk posture? To add to the difficulty, the environments they manage are often widely distributed and subject to multiple regulatory requirements and internal audit requirements, and must adapt to changing business needs. GRC tools are designed to help.
  • eGRC vs. IT GRC

    Posted March 7, 2011 - 9:43 pm

    Most analysts break the market down into two broad categories: IT GRC and Enterprise GRC (eGRC). The vendors generally don't make it any easier for potential enterprise customers, as the IT GRC players often claim they do eGRC, and all the eGRC vendors saying they encompass IT as well.
  • "Proving nothing" cuts compliance costs

    Posted February 10, 2009 - 4:21 pm

    Using software to perform compliance tasks that would otherwise be done by hand may be an obvious way to drive down the costs of regulatory compliance. Less obvious, however, is what that software must do to maximize those savings — continuously monitor the source data of primary business applications.
Join us:






Join today!

See more content
Ask a Question