Lines of businesses, legal entities, functions, people, business processes, risks, controls, products, projects, programs, strategic initiatives, servers, facilities, suppliers – the business of doing business is complicated. And if we are to create a well-governed and risk-aware organization that reaches for the sky on the shoulders of GRC, then we need a simple and consistent way to handle all this complexity. Furthermore, as with all foundations, creating it requires a solid understanding of what we're going to put on top of it. So, a comprehensive GRC foundation will need to be informed by GRC activities such as policy management, risk management, supply chain governance, IT risk, security, etc., so that it, in turn, can support all these activities with a common framework.
Before we get ahead of ourselves, if you're still wondering what 'GRC' is, then here's a quick introduction to the topic. OK, with that out of the way, let's move on and enlist the help of our friendly neighborhood banana company, 'The Wide World of Bananas, Inc.' to be our role model for the day. "Why 'bananas'" you say? Well, that's easy – because they are yellow, healthy and such a fun fruit! And, like the banana, the business of growing and delivering them to your friendly neighborhood grocer hides more complexity than the surface lets on.
In this slideshow, Vasant Balasubramanian, vice president of product management at MetricStream, takes a closer at building a strong foundation for GRC.
Even small changes can have a big impact on the success of managing IT tickets. Here are 10 steps organizations can use to keep their help desk from spinning out of control. ... More >>
Five benefits of hiring remote workers and how they can be better than traditional office dwellers. ... More >>
Survey results suggest management may be placing more emphasis on being kept informed during an event than on ensuring timely resolution. ... More >>