For Security & Risk Professionals

Optimize Your GRC Program For 2012 And Beyond

    Why Read This Report

    This report outlines Forrester's solution for security and risk (S&R) professionals looking to establish a formal risk and compliance management program. We designed this report to help S&R pros optimize their GRC strategy for 2012. Your governance, risk, and compliance (GRC) efforts set the parameters by which your organization achieves performance and meets objectives, so it's no surprise that putting together your GRC plan for the next 12 months can be as difficult as strategic planning for the organization. This process should include careful consideration not just of internal drivers but also the key trends affecting other businesses or agencies in your industry. As you put your plans together, expect the biggest trends in 2012 to include more of a platform approach to GRC product implementations, emphasis on programs for content aggregation and process standardization, continued struggles to include risk earlier in decision cycles, a slow but steady evolution of controls automation, and increasing scrutiny on programs rather than results. Stay on top of these trends by concentrating on GRC fundamentals and not pushing ahead too quickly on program maturity.

    US $ 499
    Become A Client

    Get objective, pragmatic guidance that helps you make tough decisions and succeed in a complex world. Contact us to learn more.

    Already A Client?
    Log in to read this document.

    TABLE OF CONTENTS

    • For GRC Fundamentals, The Wisdom Of The Crowds Is Usually Best
    • 2011 Year In Review: Broader Adoption, But Little Progress Toward Maturity
    • For 2012, GRC Efforts Will Largely Focus On Aggregation And Standardization
    • WHAT IT MEANS

      GRC Professionals Have Been Too Impatient With Program Maturity
    • Supplemental Material
    • Related Research Documents