More

    The GRC Challenge

    When it comes to anything related to governance, risk management and compliance (GRC), there’s always room for a lot of grousing. The two main issues, of course, are securing the cooperation of the parties involved and the reliance on a lot of manual processes to get the job done.

    A survey of 191 GRC practitioners, conducted by the Ponemon Institute on behalf of the RSA unit of EMC, finds that a lack of resources and a lack of cooperation are the two biggest GRC impediments. But perhaps even more troubling is what appears to be a lack of faith in the IT tools available to help automate the process.

    Of course, the one thing that everybody can seem to agree on is that the Payment Card Industry Data Security Standard (PCI DSS) is far and away the most difficult standard with which to comply. Whether that is a good or bad thing will naturally depend on your perspective.

    The GRC Challenge - slide 1

    Click through for results from a GRC survey conducted by the Ponemon Institute on behalf of the RSA unit of EMC.

    The GRC Challenge - slide 2

    A lot of activity everywhere.

    The GRC Challenge - slide 3

    IT plays a critical role.

    The GRC Challenge - slide 4

    They are a significant issue.

    The GRC Challenge - slide 5

    A lot of infrequent collaboration.

    The GRC Challenge - slide 6

    Lack of resources and collaboration top the list.

    The GRC Challenge - slide 7

    Steady as GRC goes.

    The GRC Challenge - slide 8

    IT leads slightly.

    The GRC Challenge - slide 9

    IT comes in a distant second.

    The GRC Challenge - slide 10

    IT comes in second again.

    The GRC Challenge - slide 11

    IT is a closer second.

    The GRC Challenge - slide 12

    Assessment tops the list.

    The GRC Challenge - slide 13

    About half are confident.

    The GRC Challenge - slide 14

    Someone appears to be in charge.

    The GRC Challenge - slide 15

    About half are generally centralized.

    The GRC Challenge - slide 16

    Focus is mainly on automating assessment.

    The GRC Challenge - slide 17

    Not as high a score as one would think.

    The GRC Challenge - slide 18

    Third parties are always the biggest challenge.

    The GRC Challenge - slide 19

    PCI DSS wins hands down.

    Latest Articles