Five Ways to Build a More Effective GRC Strategy

By Samuel Greengard  |  Posted 2011-09-30 Print this article Print

You can’t navigate the maze of regulation and compliance without a detailed roadmap.

• Think information rather than systems. It’s important to manage structured and unstructured data, including chat and IM streams, Skype, social media, clouds, and mobile devices and data.

• Focus on authentication. Identity management is a key to success in the GRC arena. Multifactor authentication, device identification and transaction monitoring are all increasingly crucial to GRC.

• Automate key processes. The ability to automate regulatory and policy mapping goes a long way toward reducing risk. Experts say it’s important to build systems and processes that address the full spectrum of issues, including privacy.

• Make GRC a business proposition rather than an IT plan. The end goal is to measure and address risk. The best GRC applications cannot replace well-conceived processes and policies. What’s more, it’s critical to separate IT risks from business risks.

• Consolidate systems and efforts. There should be a single point of governance for GRC. Too often, organizations wind up with a tangle of initiatives managed by different managers. An organization might consider appointing a risk manager to oversee all IT and business initiatives and reduce costs.

See Also:

Navigating the GRC Maze

GRC Meets Analytics

Samuel Greengard is a freelance writer for Baseline.

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that baselinemag.com may send you Baselinemag offers via email, phone and text message, as well as email offers about other products and services that Baselinemag believes may be of interest to you. Baselinemag will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit