How Business Continuity, Information Security and Risk Management Collaboration Bolsters Business Performance

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13
Next How Business Continuity, Information Security and Risk Management Collaboration Bolsters Business Performance-10 Next

Technology Solutions

Technology Solutions for Governance, Risk, Compliance and Business Continuity Convergence

A common GRC platform with a 360-degree view of risk can provide an ideal base for this convergence. Here governance, risk, compliance, business continuity and management all come under a single platform. Common nomenclature and terminology within threat reports are supported and leveraged by a common policy, impact analysis, risk and control framework. Also, common processes for incident response and crisis management can be followed. This accelerates an organization's ability to react quickly to avoid incidents and adverse events. It is important to get the alignment right in any organization, between incidents reported, crisis management, supply chain risk, security risk and operational risk. A GRC platform and integrated solution set can provide that repository of critical information from different perspectives.

The objective of GRC technology is not just to leverage the common platform with the asset inventory and risk control framework, but to really extend the security nomenclature to include the work of business continuity, security and risk teams – the solution is based on a very broad platform that covers several functions and supports many stakeholders. The objective here is to provide risk intelligence that can improve performance of the organization.

By Yo Delmar, vice president GRC Solutions at MetricStream, and Harvey Betan, associate principal at Risk Masters Inc.

Business continuity programs are often considered on a standalone basis, but recent incidents that involve security breaches highlight how business continuity, disaster recovery, security and risk management teams are compelled to work more closely together in order to understand the true likelihood and impact of potential disruptions to the business. Let's consider the situation, for example, when an IT infrastructure is compromised or made unavailable (e.g., DDoS attack) to an online banking site or an online retailer. Companies that have been impacted by these types of incidents have experienced, in some cases, dramatic effects on their business operations and revenues. To ensure that the business sails smoothly, more and more organizations are beginning to converge IT security, risk management and business continuity teams in order to establish and agree upon a common framework and processes for crisis management.

Today, business continuity planning and management goes beyond the physical continuity of the business, encompassing areas such as e-continuity, as well. We live in an era of e-business, with a growing percentage of business transactions moving through the Internet, extranets, virtual private networks and cloud service providers. The complexity of this ecosystem has given rise to a larger threat surface, with a higher number of threats to digital information and traffic flows. Over the last two to three years, the rise in cyberattacks has driven an integration of security with operational and enterprise risk management. More recently, business continuity and disaster recovery teams have become an increasingly key partner in these collaborative teams as a natural fit in the larger concept of a 360-degree risk management.


Related Topics : A Big Market for Big Data Jobs, Midmarket CIO, IT Management Automation, SharePoint, Technology Markets

More Slideshows

IT_Man89-290x195 9 Tips for Running a 'Tween' Company

Advice and tips for entrepreneurs and companies that are no longer startups but not quite ready for an IPO, also known as "tweens." ...  More >>

IT_Man88-190x128 Top 5 Trends Affecting Women-Owned Micro Businesses

Learn more about the challenges and opportunities presented to women leaders, especially micro-business owners. ...  More >>

Analytics21-190x128 5 Ways to Avoid Becoming 'Digital Prey'

Future IT leaders will need to seek technologies that eliminate silos in order to deliver the right information to the right person within the right application environment at the right time. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.