Five Ways to Build a More Effective GRC StrategyBy Samuel Greengard | Posted 2011-09-30 Print
You can’t navigate the maze of regulation and compliance without a detailed roadmap.
• Think information rather than systems. It’s important to manage structured and unstructured data, including chat and IM streams, Skype, social media, clouds, and mobile devices and data.
• Focus on authentication. Identity management is a key to success in the GRC arena. Multifactor authentication, device identification and transaction monitoring are all increasingly crucial to GRC.
• Automate key processes. The ability to automate regulatory and policy mapping goes a long way toward reducing risk. Experts say it’s important to build systems and processes that address the full spectrum of issues, including privacy.
• Make GRC a business proposition rather than an IT plan. The end goal is to measure and address risk. The best GRC applications cannot replace well-conceived processes and policies. What’s more, it’s critical to separate IT risks from business risks.
• Consolidate systems and efforts. There should be a single point of governance for GRC. Too often, organizations wind up with a tangle of initiatives managed by different managers. An organization might consider appointing a risk manager to oversee all IT and business initiatives and reduce costs.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...