Lines of businesses, legal entities, functions, people, business processes, risks, controls, products, projects, programs, strategic initiatives, servers, facilities, suppliers – the business of doing business is complicated. And if we are to create a well-governed and risk-aware organization that reaches for the sky on the shoulders of GRC, then we need a simple and consistent way to handle all this complexity. Furthermore, as with all foundations, creating it requires a solid understanding of what we're going to put on top of it. So, a comprehensive GRC foundation will need to be informed by GRC activities such as policy management, risk management, supply chain governance, IT risk, security, etc., so that it, in turn, can support all these activities with a common framework.
Before we get ahead of ourselves, if you're still wondering what 'GRC' is, then here's a quick introduction to the topic. OK, with that out of the way, let's move on and enlist the help of our friendly neighborhood banana company, 'The Wide World of Bananas, Inc.' to be our role model for the day. "Why 'bananas'" you say? Well, that's easy – because they are yellow, healthy and such a fun fruit! And, like the banana, the business of growing and delivering them to your friendly neighborhood grocer hides more complexity than the surface lets on.
In this slideshow, Vasant Balasubramanian, vice president of product management at MetricStream, takes a closer at building a strong foundation for GRC.
IT hiring in 2016 is expected to continue to be a relatively fierce market, favoring employees looking for new positions. ... More >>
Budgets and headcounts are expected to remain relatively flat going into 2016, while business expectations and demands are only increasing. ... More >>
IT leaders and business executives are beginning to focus their eyes on new IT initiatives, including so-called "smart" technologies, as well as efforts to better integrate previous IT investments into the business. ... More >>