Forrester

For Security & Risk Professionals

Report:Maximize Business Performance With A World-Class GRC Program

Executive Overview: The Governance, Risk, And Compliance Playbook

Unexpected events are at best distracting and at worst catastrophic for an organization as it strives to meet its objectives. Risk and compliance professionals must help their colleagues anticipate...

• Downloads: 202

For Security & Risk Professionals

Client Inquiry:What Is The State Of Governance, Risk, And Compliance In The Indian Market?

What is the size of the governance, risk, and compliance (GRC) market, and what is the market growth rate in India? Who are the major GRC vendors in India, and what are the areas of opportunity?

For Security & Risk Professionals

Client Inquiry:What Is The Pricing For Governance, Risk, And Compliance Platforms?

How are governance, risk, and compliance (GRC) platforms priced? What can I expect for implementation costs?

For Security & Risk Professionals

Report:Cultivate A Compliance And Risk Management Culture For Sustained Performance

Continuous Improvement: The Governance, Risk, And Compliance Playbook

When you're challenged by a constantly changing regulatory landscape, business environment, and risk profile, it's easy to overlook the critical role corporate culture plays in keeping compliance and...

• Downloads: 444

For Security & Risk Professionals

Report:Build A Governance, Risk, And Compliance Strategy Worthy Of Business Consideration

Strategic Plan: The Governance, Risk, And Compliance Playbook

Governance, risk management, and compliance (GRC) are far too often positions of emergency response. What's worse, as you constantly rush to respond to new mandates, enforce policies, or pull...

• Downloads: 546
• Rating:

Client Inquiry:What Are Our Options For Software That Tracks Employee Gifts?

We're looking for software that assists with the management and auditing of gifts that our employees receive from customers and suppliers.

For Security & Risk Professionals

Report:Governance, Risk, And Compliance Predictions: 2011 And Beyond

GRC Programs Are Set To Increase Their Breadth More Than Their Maturity

Those who have been involved with GRC initiatives or technologies may often conceive of a tipping point, where GRC comes of age and its value propositions and use cases become clear for all global...

• Downloads: 1219

For Security & Risk Professionals

Report:The Risk Manager's Handbook: How To Plan And Execute Appropriate Risk Treatment

Developing And Managing Efforts To Control Unacceptable Levels Of Risk

From understanding comes action. Your risk management efforts up to this point will have yielded a list of concerns; a measure of how much these concerns could affect objectives; and a decision of...

• Downloads: 194
• Rating:

For Security & Risk Professionals

Report:Build The Business Case For A GRC Platform

Business Case: The Governance, Risk, And Compliance Playbook

As the governance, risk, and compliance (GRC) platform market matures, product vendors struggle to point to credible return on investment figures, and potential buyers similarly struggle when asked...

• Downloads: 965

For Security & Risk Professionals

Report:TechRadar™ For Risk Management Professionals: GRC, Q4 2012

Road Map: The Governance, Risk, And Compliance Playbook

The governance, risk management, and compliance (GRC) technology market is one of fluctuation, confusion, and contention. Many technologies relevant for governance, risk management, and compliance...

• Downloads: 379
• Rating:

For Security & Risk Professionals

Report:Designate Clear Lines Of Risk And Compliance Accountability

Organization: The Governance, Risk, And Compliance Playbook

Governance, risk, and compliance (GRC) encompass an incredibly broad set of functions for organizations in any geography, in any industry. In fact, almost all employees play some role in helping...

• Downloads: 381
• Comments: 3
• Rating:

For Security & Risk Professionals

Report:Define And Articulate The Role Of Risk Management

Processes: The Governance, Risk, And Compliance Playbook

As a risk professional, you are currently in a position to exert more influence on your organization and increase the value you and your team can offer. Many of you will feel pressure to develop...

• Downloads: 1387
• Rating:

For Security & Risk Professionals

Report:Topic Overview: Governance, Risk, And Compliance

Governance, risk, and compliance (GRC) as a concept continues its steady march toward recognition as an accepted business practice. And even if they aren't using the term, organizations around the...

• Downloads: 1283

For Security & Risk Professionals

Client Inquiry:What Are The Governance, Risk, And Compliance Characteristics Of Firms Of Varying Adoption Levels?

What would you see as the governance, risk, and compliance characteristics of each of the following groups: 1) laggards; 2) middle of the pack; and 3) early adopters? Are there any special...

For Security & Risk Professionals

Report:The Forrester Wave™: Enterprise Governance, Risk, And Compliance Platforms, Q4 2011

As Leaders, BWise, MetricStream, IBM OpenPages, And RSA Archer Continue To Push The Envelope

Innovation among top enterprise GRC platform vendors has kept up an impressive pace as vendors aim to stay one step ahead of their customers' own advancements in governance, risk, and compliance...

• Downloads: 1219
• Rating:

For Security & Risk Professionals

Tool:Forrester Wave™: IT GRC Platforms, Q4 '11

For Security & Risk Professionals

Report:The Forrester Information Security Maturity Model

The Forrester Information Security Maturity Model is a framework that consists of four main security domains (oversight, technology, process, and people) with 25 functions and 123 low-level...

• Downloads: 67
• Rating:

For Security & Risk Professionals

Client Inquiry:The Role Of IT Security Management Versus IT Audit

We (IT security management) are currently discussing our tasks in relation to those of the auditing department. We would like to get advice about a typical or legally defined separation between the...

For Security & Risk Professionals

Report:It's Time To Include Social Technology In Your Crisis Communication Strategy

Among risk professionals who have successfully navigated their organization through a crisis, almost all will say that they had grossly underestimated the difficulty of communicating effectively...

• Downloads: 521

For Security & Risk Professionals

Report:The Risk Manager's Handbook: How To Measure And Understand Risks

Estimating Levels Of Risk Exposure To Help Guide Informed Decisions

Opposition to adopting formal risk management tends to use the process of risk measurement as its attack target — it's too subjective, it's too complicated, or it's too much investment just to...

• Downloads: 999

For Security & Risk Professionals

Report:Stop Ignoring Third-Party Risk

Practical Steps To Start Uncovering And Treating The Hidden Risks In Third-Party Relationships

The growing reliance on third-party providers is an increasingly uncomfortable trend for security and risk professionals. Financial pressures and efficient delivery models create great incentives for...

• Downloads: 477

For Security & Risk Professionals

Report:The Forrester Wave™: IT Governance, Risk, And Compliance Platforms, Q4 2011

RSA Archer, Agiliance, Rsam, Symantec, and Modulo Are All Leaders For Very Different Reasons

IT governance, risk, and compliance (GRC) vendors continue to show strong technical and strategic advances, while the market itself still struggles to define its direction. A small set of vendors...

• Downloads: 1149

For Security & Risk Professionals

Tool:Forrester Wave™: Enterprise GRC Platforms, Q4 '11

For Security & Risk Professionals

Report:The Regulatory Intelligence Battlefield Heats Up

In the cyclical nature of increasing and decreasing industry regulations, we are clearly on an upswing. Regulators that have faced public scorn for lax oversight are reacting with newfound...

• Downloads: 377

For Security & Risk Professionals

Report:The Risk Manager's Handbook: How To Identify And Describe Risks

Documenting The Sources Of Uncertainty That Might Affect Your Organization, Project, Asset, Or Objective

Enterprise risk management (ERM) programs are helping to break down organizational silos so that executives can gain insight on the risks that may affect all aspects of their business. Unfortunately,...

• Downloads: 1462