Your GRC Journey in Five Important Steps

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14
Next Your GRC Journey in Five Important Steps-6 Next

Designing a GRC program is all about creating a common GRC ontology, defining GRC use cases, and understanding how the GRC technology eco-system will be leveraged to bring the right information and analytics together to improve business performance. Ontology means getting granular on risk appetite – yes, while this is difficult, it is not impossible to define! It also means determining what information will be shared across common libraries of processes, risks and controls. Ontology also means defining the risk hierarchy, risk analysis methods, risk calculations for rollups and finally, risk metrics.

Ultimately, achieving apples-to-apples comparisons depends on the organization’s ability to adopt a shared ontology and enterprise model with standard names for business units, identities and infrastructure elements. In the short term, this may be a matter of balancing common and federated processes for risk identification, risk analysis and remediation processes as the organization evolves to deploying a GRC platform as a single system of record and single version of truth.

Governance, risk, and compliance (GRC) as a means to reduce process redundancy, deliver risk intelligence, and improve business performance has captured the attention of leadership teams across the enterprise. GRC is also now embracing IT and security teams, often catching them unprepared to champion their unique requirements.

So, what’s the impact of GRC in terms of how we manage IT and security programs? The impact can be significant according to Yo Delmar, vice president of GRC Solutions, MetricStream; a GRC program can bring great benefits, or major woes, if not approached with the right goals clearly in sight. IT and security teams need to be actively engaged at the table, collaboratively shaping the GRC program scope in order to create real value.


Related Topics : Vulnerabilities and Patches, Resellers, Broadcom, Broadband Services, Supercomputing

More Slideshows

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Global33-290x195 2017 and Beyond: How Digital Innovation Will Impact the World

Digital innovation is by far the biggest influencer, changing the way we do just about everything, from shopping to communication to running a business. ...  More >>

ArriaNLG-IoTAutomation0x Internet of Things Personified: Integration and Automation

The real value that the Internet of Things brings is at the intersection of gathering data and leveraging it. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.