Embedding Sound Risk Management Practices into an Organization
Core principles for risk management adoption within an organization.
It's no secret that when it comes to governance, risk management and compliance (GRC), EMC has big ambitions. But until this week, much of the company's efforts have been hamstrung by the lack of cohesion among a series of acquisitions that the company made in the last two years.
The core GRC portfolio from EMC is based on offerings that were initially developed at Archer Technologies, which EMC acquired early last year.
According to Alex Bender, director of marketing at RSA, the Security Division of EMC, version 5.0 of the RSA Archer eGRC management platform that is being officially released today will serve as "the unifier" of EMC's overall GRC strategy. This is because the platform is now integrated with Documentum and Kazeon information governance tools, security management tools from the rest of the company's RSA unit, and EMC's traditional business continuity products.
Together, these offerings will create the foundation for a missing layer of data management tools that will ultimately create an end-to-end to managing the entire GRC lifecycle, says Bender.
One of the major problems with GRC today is that for the most part, the GRC process is fractured across multiple IT disciplines. It's pretty clear that a core part of EMC's strategy in this space is going to revolve around the intersection of data and storage management.