<img alt="dcsimg" id="dcsimg" width="1" height="1" src="//www.qsstats.com/dcs8krshw00000cpvecvkz0uc_4g4q/njs.gif?dcsuri=/index.php/c/a/IT-Management/Five-Ways-to-Build-a-More-Effective-GRC-Strategy-753584&amp;WT.js=No&amp;WT.tv=10.4.1&amp;dcssip=www.baselinemag.com&amp;WT.qs_dlk=XfdRozFexqApCeQBs4vyRgAAAAc&amp;">

Five Ways to Build a More Effective GRC Strategy

By Samuel Greengard  |  Posted 2011-09-30 Print this article Print

You can’t navigate the maze of regulation and compliance without a detailed roadmap.

• Think information rather than systems. It’s important to manage structured and unstructured data, including chat and IM streams, Skype, social media, clouds, and mobile devices and data.

• Focus on authentication. Identity management is a key to success in the GRC arena. Multifactor authentication, device identification and transaction monitoring are all increasingly crucial to GRC.

• Automate key processes. The ability to automate regulatory and policy mapping goes a long way toward reducing risk. Experts say it’s important to build systems and processes that address the full spectrum of issues, including privacy.

• Make GRC a business proposition rather than an IT plan. The end goal is to measure and address risk. The best GRC applications cannot replace well-conceived processes and policies. What’s more, it’s critical to separate IT risks from business risks.

• Consolidate systems and efforts. There should be a single point of governance for GRC. Too often, organizations wind up with a tangle of initiatives managed by different managers. An organization might consider appointing a risk manager to oversee all IT and business initiatives and reduce costs.

See Also:

Navigating the GRC Maze

GRC Meets Analytics

Samuel Greengard is a freelance writer for Baseline.
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.