Ventana Research Analyst Perspectives

The Value and Limits of the Term “GRC”

Posted by Robert Kugel on Oct 11, 2011 10:39:56 AM

My colleague Mark Smith and I have frequently commented on the artificiality of the emerging software category governance, risk and compliance (GRC). To be sure, once stand-alone categories of software (IT governance, audit documentation and industry-specific compliance management, to name three examples) have started what I expect to be a long convergence process. Moreover, since just about all controls and risk management efforts require a secure IT environment to be effective, there is a growing interdependence between effective IT governance and everything else connected with enterprise GRC.

Read More

Topics: Governance, GRC, enterprise risk management, ERM, risk metrics, vendor selection, Operational Performance, Business Performance, Financial Performance, compliance, Risk, risk management, controls, IT governance