Newsletters Welcome, Guest Log In | Register
Blogs:

Mike Vizard

IT Unmasked

Revealing the Business Value of Innovation

About this Blogger RSS

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

0

Survey: IT Risk Management Matures

Posted by Michael Vizard Nov 3, 2009 10:31:01 AM

The IT industry as a whole still has a long way to go in terms of making the governance, risk management and compliance (GRC) process cohesive. But a survey being released today seems to indicate that when it comes to GRC, IT organizations are making some substantial progress.


The survey, sponsored by OpenPages, a provider of GRC application software, found that 28 percent of the customers surveyed were using what they described as a holistic set of applications to manage GRC, while 30 percent said they were using what they described as point products. But plenty of evidence suggests that GRC immaturity is widespread as 43 percent of those surveyed said they still rely primarily on spreadsheets to manage the process.


Meanwhile, as IT gets more involved in GRC, the opportunity to automate the process becomes more apparent. The OpenPages survey found that 40 percent of respondents said the CIO was responsible for GRC, while 24 percent said they had a head of enterprise risk or chief risk officer to specifically manage the process. But 27 percent selected other on this question.


The issue that most organizations are having with GRC comes down to the cost of compliance. Too often the process of coming into compliance involves lots of expensive audits, usually performed manually by third-party auditors who get paid by the hour.


By investing in integrated in GRC management platforms, companies such as OpenPages argue that not only will companies be more efficient in terms of actual compliance, but the cost of managing the GRC process will substantially drop as they sharply reduce auditor fees.


In the absence of any structured approach to GRC, however, many companies are looking to Congress for regulatory relief. But the tradeoff then becomes that as we lessen restrictions, companies have no incentive to improve their governance. Without those incentives, companies are then more likely to have lax data-security standards and inaccurate financial reporting.


In the meantime, the current administration seems bent on increasing the amount of oversight applied to just about every industry, which means the best and probably only real option available to most companies to reduce GRC costs is to streamline the process by employing more IT automation.

Related Content

Add a comment Leave a comment on this blog post.

There are no comments on this post

Related Content

Browse

Topic: Compliance Software Packages

Everything from specific point solutions to systems addressing enterprise-wide compliance

Blog: Learning the Many Facets of Compliance

Article: Software Vendors Ramp up XBRL

News: EMC Adds e-Discovery Capabilities with Kazeon Acquisition

Related Topics

Compliance, Data Security, External and Internal Audits, Governance, Risk Management

Featured White Papers

Browse

Lowering Your IT Costs with Oracle Database 11g Release 2

This white paper identifies the key capabilities a database management solution needs to successfully deliver more information with higher quality of service, make more efficient use of IT budgets, and reduce the risk of change in data centers.

Software Forum: Information On Demand Virtual Experience

This interactive virtual forum presents leading IT experts providing the insights you need to turn your information into a strategic driver for innovation, business optimization and competitive differentiation.

Resource Centers

Browse

Cost Cutting through Server Consolidation

Products, management tools, and industry insights that enhance the value of virtualization for your business.

Featured Whitepapers

The Business Case for Virtualization

Security SaaS Solutions

Hosted security solutions that not only protect your data, but reduce your security management TCO, as well.

Featured Whitepapers

Why Security SaaS Makes Sense Today

Energy Efficiency

Best practices to optimize computing ability while minimizing power costs.

Featured Whitepapers

The Role of IT in Sustainability

Virtualization & Business Continuity

Virtualization solutions, management tips and industry insights to promote and insure the lifespan of your business.

Featured Whitepapers

Rethinking Business Continuance — Driving Data Availability Up and Costs Down

Premium Tools

Browse

Windows 7 Upgrade Project Kit

Moving to Windows 7? The Windows 7 Upgrade Project Kit is the ideal support tool for managing all phases of an organizational upgrade to Windows 7. The tools and templates in this kit will help you develop a strategy and map out the implementation tactics which link your Windows 7 deployment to your company's bottom line.

Learn more >

The IT Service Catalog Management Toolkit

Bridge the it-business gap once and for all! A well documented IT services catalog is the conduit for IT services to the rest of the company.

Learn more >