IT GRC: Managing Risk, Improving Visibility, and Reducing Operating Costs
For all organizations with current or planned initiatives in the area of IT governance, risk management, and compliance (IT GRC), this report describes the policy, planning, process, and organizational elements of successful implementations. Companies with top results position themselves to make better-informed business decisions, in the context of the organization's requirements for compliance and also their appetite for risk.
To distinguish Best-in-Class companies from Industry Average and Laggard organizations in their respective IT GRC initiatives, Aberdeen used each respondent's estimated year-over-year changes in the following capabilities:
Identification of weaknesses in existing risk management processes
Ability to translate risk assessment data into actionable recommendations
Flexibility to adjust to new or updated regulatory requirements
The first two criteria were selected as measures of an organization's performance in adapting and responding to risk, while the third was selected as an indicator of their ability to adjust to a dynamic compliance landscape. Companies with top performance based on these criteria earned Best-in-Class status.
Read this analyst report to learn more about Best-in-Class companies and what they all have in common that keeps them above the rest.
- 11 Aug 2009
- 11 May 2009
- 28 Page(s)
- Analyst Report