Governance Risk & Compliance (GRC)

Every organizational business function and process is governed in some way to meet objectives. Each of these objectives has risks, as well as controls that increase the likelihood of success (or minimize the impact of failure). These are the fundamental concepts of GRC. To maximize business performance, GRC programs are designed to help companies avoid major disasters and minimize the impact when avoidance is unlikely.

Latest Research

  • For eBusiness & Channel Strategy Professionals

    REPORT: Accelerate Startup Onboarding With A Risk-Tolerant Approach

    Balance Innovation And Risk When Working With Emerging Vendors

    February 20, 2019 Oliwia Berdak, Duncan Jones

    Digital leaders keen to access cutting-edge technologies are betting on startups. But traditional, risk-averse supplier management models often prevent them from working with promising emerging vendors. This report will help digital business and procurement professionals work together to balance innovation and risk when working with startups.

  • For Security & Risk Professionals

    REPORT: The Security Of Cryptocurrencies

    Security Must Help Business Leaders Make Risk-Based Decisions On Cryptocurrency Adoption And Implementation

    February 13, 2019 Andras Cser, Heidi Shey, Jeff Pollard, Merritt Maxim

    Many enterprises are considering the adoption of cryptocurrencies for payment. As a security and risk (S&R) professional, you're responsible for helping business leaders understand the legal and regulatory risks and, importantly, how to secure the cryptocurrency. In this report, we help S&R pros: 1) understand the current adoption of cryptocurrency payments; 2) examine the threat surface; 3) investigate the regulatory landscape; and 4) identify best practices for secure implementation.

  • For Security & Risk Professionals

    REPORT: Widen Your Risk Taxonomy To Remove Blind Spots

    Landscape: The Governance, Risk, And Compliance Playbook

    February 8, 2019 Renee Murphy

    The way enterprises categorize risk has important implications for how they assess, measure, and treat it. Antiquated categories of risk — such as legal, operational, financial, and strategic — may leave an organization blind to some of the biggest sources of potential loss because they don't happen to fall neatly into these groupings. This report explores the breadth of risk events that have caused the biggest recent corporate losses, introducing a new taxonomy to help risk managers make sure they don't have any such blind spots.

  • For Security & Risk Professionals

    REPORT: GRC Vision, 2019 To 2024

    Vision: The Governance, Risk, And Compliance Playbook

    January 25, 2019 Renee Murphy, Christopher McClean

    Risk management professionals are used to helping steer their organizations through uncertainty, and as fast as business and technology are advancing, they should be looking five years into the future to guide their current strategy. Many key trends will amplify strategic and digital risks and transform the core responsibilities of risk management. This report outlines these global business and technology trends and their long-term implications, helping risk managers better prepare for the potential impacts that will shortly ensue.

  • For CIO Professionals

    REPORT: Optimize Cybersecurity And Privacy Oversight

    Advanced Level: Oversight For Cybersecurity And Privacy

    January 25, 2019 Renee Murphy, Nick Hayes, Paul McKay, Christopher McClean

    Firms with advanced-level oversight for cybersecurity and privacy are rare, but despite their strong efforts, they can't become complacent. Regulatory requirements, threats, business models, and technologies are all changing so fast that even the best programs have to be diligent to stay ahead. This report — the third of three in the oversight competency of the cybersecurity and privacy playbook — helps CIOs meet the continued challenges of advanced oversight programs.

View all research

Analysts Who Cover Governance Risk & Compliance (GRC)

View all related analysts