Search Results Page
Displaying Results for:
- IT Risk Management (Remove)
Track research using these terms:
Sort by:
Displaying results 1-25 of 36 results
Results based on your search criteria
For Infrastructure & Operations Professionals
State Of Enterprise Disaster Recovery Preparedness: Q3 2009
by Stephanie Balaouras, November 4, 2009
Although disaster recovery (DR) was once considered an expensive insurance policy for rare but catastrophic events such as hurricanes and terrorist activity, Forrester survey data suggests that enterprises across North America and Europe are now moving . . .
For CIOs
CIOs: Categorize And Define Technology Investment Risk
by Sharyn Leaver, September 21, 2009
Failed, delayed, and misaligned IT projects have fueled business executives' dissatisfaction with IT. The benefit and cost estimates of technology investments provided by IT executives are often far from the realized business costs and benefits. To set . . .
For Security & Risk Professionals
Healthcare Security: Ready Or Not, Here It Comes
Applying Five Cardinal Rules Of Information Security To Healthcare Companies
by Khalid Kark, July 24, 2009
The US Congress enacted the Health Insurance Portability and Accountability Act (HIPAA) in 1996. The security and privacy rules took effect in 2003, but none of this really improved the overall state of information security across the healthcare industry. . . .
For Security & Risk Professionals
Articulating The Business Value Of Information Security
by Khalid Kark, July 24, 2009
Many CISOs struggle to articulate the value of their security programs and justify the security budget to business and executive management. This problem was acutely evident in the current economic downturn: Many security managers saw their budgets slashed, . . .
For Security & Risk Professionals
Topic Overview: Governance, Risk, And Compliance
by Chris McClean, April 29, 2009
Successful businesses universally strive to achieve better corporate governance, more effective measurement and management of risk, and greater assurance that compliance requirements are met. Whether or not these efforts bear the governance, risk, and . . .
For Vendor Strategy Professionals
Market Overview: IT Security In 2009
by Jonathan Penn, April 22, 2009
The big news for the IT security market in 2009 is that it will fare relatively well. Cost and justification pressures are exerting themselves, but through increasing business-level visibility led by data-breach headlines, security spend continues to . . .
For Business Process & Applications Professionals
Quantifying Technology Investment Risk
A Component Of The Forrester Total Economic Impact™ Methodology
by Chip Gliedman, April 10, 2009
The process of risk measurement has been confounding decision-makers within IT for some time, resulting in the use of weak qualitative analysis that only loosely ties to project outcomes. But using the basic financial community equivalency of "risk equals . . .
For B2B Market Research Professionals
Disaster Recovery Solutions Remain High On Healthcare's Agenda 
(406 KB PPT)
by Eric G. Brown, March 27, 2009
Disaster recovery solutions have been a critical agenda item for hospital IT organizations, but years of HIPAA regulatory pressure and post-Katrina lessons have brought the sector into relative maturity. However, the tail remains, and there's urgency . . .
For Infrastructure & Operations Professionals
Inquiry Spotlight: Disaster Recovery, Q1 2009
by Stephanie Balaouras, March 20, 2009
Whether it's a power grid failure, ice storm, or Category Five hurricane, when disaster strikes, IT must have disaster recovery plans in place to ensure the continuity of IT systems that support critical business processes. If IT isn't prepared, it will . . .
For Security & Risk Professionals
The Forrester Wave™: Information Security And IT Risk Consulting, Q1 2009
Deloitte And PricewaterhouseCoopers Lead, With Accenture Close Behind
by Khalid Kark, March 18, 2009
In Forrester's 72-criteria evaluation of information security and IT risk consulting service providers, we found that Deloitte and PricewaterhouseCoopers (PwC) lead the pack because of their superior understanding of business requirements coupled with . . .
For Security & Risk Professionals
Enterprise IT Security In Europe: 2008
Business Data Services Europe
by Bill Nagel, March 2, 2009
How are European enterprises adopting, using, and managing IT security technologies, including client security, data security, content filtering, and business continuity and disaster recovery? This document highlights an extensive data set collected from . . .
For Security & Risk Professionals
Consolidation Looms For The IT GRC Market
Industry Takes Aim At More Complete Compliance Management
by Marc Othersen, Chris McClean, January 5, 2009
As companies find ways to streamline compliance programs and reduce costs, the IT governance, risk, and compliance (GRC) vendor market is quickly looking like prime feeding ground for merger and acquisition sharks. Low company valuations, recent leaps . . .
For Security & Risk Professionals
Clearing The Air On IT GRC
by Marc Othersen, Jonathan Penn, October 29, 2008
With the vast array of vendors claiming to have IT governance, risk, and compliance (IT GRC) products, the true definition of IT GRC has gotten lost, and security professionals are left confused and uncertain. In an effort to institute clarity, Forrester . . .
For Vendor Strategy Professionals
Cutting Through The IT GRC Hype
by Jonathan Penn, October 29, 2008
IT governance, risk, and compliance (IT GRC) provides a useful framework for coordinating many different endeavors to make more risk-informed business decisions. Market interest in IT GRC is at least as much about the practice of IT GRC as it is about . . .
For Infrastructure & Operations Professionals
How To Stay Compliant When Times Are Tough
Best Practices: IT Control Testing, Reporting, And Integration
by Simon Yates, October 24, 2008
In the midst of an economic downturn that seems at least partly caused by inadequate enforcement of regulations, the demand for IT controls is increasing. IT professionals must monitor an ever-expanding array of IT assets and track their compliance to . . .
For Security & Risk Professionals
CISOs Must Take The Lead On Business Resiliency
Finding Common Ground Among Business Continuity, IT Disaster Recovery, And Information Security
by Stephanie Balaouras, Chris McClean, October 21, 2008
Aggressive global competition, greater service demands, more restrictive regulatory requirements, and increasingly rigid corporate oversight all raise the expectations for achieving and demonstrating business resiliency. Business continuity, IT disaster . . .
For Sourcing & Vendor Management Professionals
Sourcing In The Shadow Of Terrorism
Firms Need To Audit Their Suppliers' Security And Business Continuity Plans
by Sudin Apte, John C. McCarthy, October 10, 2008
Over the past six months, there has been a steady increase in the number of terrorist attacks in India. Over time, continued political turmoil may force more firms to implement an "India Plus One" offshore sourcing strategy. However, in the short term, . . .
For Security & Risk Professionals
Best Practices: IT Control Testing, Reporting, And Integration
by Marc Othersen, October 2, 2008
Control testing and reporting are the foundations of IT compliance, while integration is critical for sustainability. To uncover best practices for IT control testing, reporting, and integration, Forrester spoke with companies from a variety of industries . . .
For Security & Risk Professionals
Inquiry Insights: Business Continuity, Q3 2008
by Stephanie Balaouras, September 22, 2008
Every year, Forrester receives more than 265 inquiries on topics related to business resiliency such as business continuity, IT continuity, IT high availability, and data backup. Between August 2007 and August 2008, 62 end users made inquiries primarily . . .
For Security & Risk Professionals
Case Study: North American Financial Institution Relies On Self-Assessments
by Marc Othersen, August 28, 2008
A North American financial institution wanted to collect and store evidence of IT control effectiveness in a way that provided rapid access for review and that protected sensitive information. Its solution linked IT compliance test results with corresponding . . .
For Security & Risk Professionals
Case Study: North American Manufacturer Links IT Controls To Business Impacts
by Marc Othersen, August 28, 2008
A North American manufacturer struggled with meeting an executive mandate for quarterly IT controls testing in a financially responsible manner. Its solution was to categorize IT controls based on business impact and use the categorizations to set IT . . .
For CIOs
The Efficient Frontier: Balancing Risk And Reward In Your IT Portfolio
by Craig Symons, July 31, 2008
Successful IT investments have a track record of delivering outsized returns. However, they are the minority. The majority of IT investments tend to produce returns that don't justify their high risks. Portfolio management should be used to ensure that . . .
For Business Process & Applications Professionals
Tax Risk Management: An Inconvenient Truth
Making The Connection Between Tax Processes And Risk Management
by Scott Tiazkun, July 16, 2008
Most enterprises face a growing tax burden and audit risk, yet many are not stepping up efforts to automate tax processes and reduce tax risk factors. Finance and risk professionals must pursue risk management and enterprise tax automation concurrently . . .
For Security & Risk Professionals
The Forrester Wave™: IT Risk And Compliance Software, Q2 2008
Archer Technologies, Brabeion, and Agiliance Lead, With Relational Security, CA, And Modulo Close Behind
by Marc Othersen, June 30, 2008
Forrester evaluated leading IT risk and compliance software vendors across 88 criteria through scripted product demonstrations and found that Agiliance, Archer Technologies, and Brabeion have established early IT risk and compliance leadership thanks . . .
For Security & Risk Professionals
Adopting A Simple, Business-Oriented Information Risk Assessment Methodology (524 KB PPT)
by Paul Stamp, Marc Othersen, April 24, 2008
Security and risk management professionals need to create a structured way of involving the business in the information risk management process. This presentation provides some basic tools for the business to provide input into the risk assessment process . . .
