July 17, 2008

Sponsored by Neupart, the ERP of Security

Governance, Risk Management and Compliance (GRC) could arguably be nominated as the buzzphrase of the year. Analysts, vendors and the media are touting GRC as a key overarching strategy to transform the modern corporation. What is GRC and is it useful to your business?

As popular as GRC seems to be, it defies an easy and universal definition. The conventional wisdom is that the organizational overhead of onerous governance requirements, combined with a checklist approach to compliance, hurts the organization, making it both less secure and less competitive. We recommend thinking of GRC as the alignment and integration of the three components so that each one improves the quality of results the others produce. OCEG, a non-profit association championing GRC, uses the term “Principled Performance” to describe this concept. PwC, which first coined the term, uses “Integrity-Driven Performance”.

There is clearly some logic and common sense embedded in that definition. Take the example of a vulnerability assessment of IT assets that must be conducted for compliance purposes. Run against a large enterprise, such an assessment typically produces a very long list of findings, each of which becomes a remediation task, and working through all of them is rarely feasible. Applying risk management to that list, by weighting each finding against the criticality of the affected asset and the likelihood of exploitation, cuts the tasks down to those that really matter and streamlines compliance.

By Neupart
