Your GRC Journey in Five Important Steps

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14
Next Your GRC Journey in Five Important Steps-6 Next

Designing a GRC program is all about creating a common GRC ontology, defining GRC use cases, and understanding how the GRC technology eco-system will be leveraged to bring the right information and analytics together to improve business performance. Ontology means getting granular on risk appetite – yes, while this is difficult, it is not impossible to define! It also means determining what information will be shared across common libraries of processes, risks and controls. Ontology also means defining the risk hierarchy, risk analysis methods, risk calculations for rollups and finally, risk metrics.

Ultimately, achieving apples-to-apples comparisons depends on the organization’s ability to adopt a shared ontology and enterprise model with standard names for business units, identities and infrastructure elements. In the short term, this may be a matter of balancing common and federated processes for risk identification, risk analysis and remediation processes as the organization evolves to deploying a GRC platform as a single system of record and single version of truth.

Governance, risk, and compliance (GRC) as a means to reduce process redundancy, deliver risk intelligence, and improve business performance has captured the attention of leadership teams across the enterprise. GRC is also now embracing IT and security teams, often catching them unprepared to champion their unique requirements.

So, what’s the impact of GRC in terms of how we manage IT and security programs? The impact can be significant according to Yo Delmar, vice president of GRC Solutions, MetricStream; a GRC program can bring great benefits, or major woes, if not approached with the right goals clearly in sight. IT and security teams need to be actively engaged at the table, collaboratively shaping the GRC program scope in order to create real value.


Related Topics : Vulnerabilities and Patches, Resellers, Broadcom, Broadband Services, Supercomputing

More Slideshows

Classroom tech Ten New Technologies Transforming the Classroom

Here are 10 ways that college professors are taking advantage of the technology students currently use and adding new technologies to enhance the teaching and learning experiences. ...  More >>

IBM Watson How and Why Companies Are Incorporating the Power of IBM Watson

Watson continuously learns from previous interactions, gaining in value and knowledge over time. Learn how companies are harnessing that AI power to create and improve products and services. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.