Governance Risk & Compliance (GRC)

Every organizational business function and process is governed in some way to meet objectives. Each of these objectives has risks, as well as controls that increase the likelihood of success (or minimize the impact of failure). These are the fundamental concepts of GRC. To maximize business performance, GRC programs are designed to help companies avoid major disasters and minimize the impact when avoidance is unlikely.

Latest Research

  • For Security & Risk Professionals

    REPORT: Manage Third-Party Risk To Achieve And Maintain GDPR Compliance

    April 19, 2018 Enza Iannopollo, Alexander Spiliotes

    It doesn't matter if third parties supply you with data, technology, or services: If they touch your customers' or employees' personal data, their security and privacy postures directly affect your business, security, and ability to comply with regulations and customer expectations. With GDPR coming into force soon, security and risk (S&R) pros from CISOs to privacy officers are restructuring their third-party risk management operations to fit a GDPR world. In this report, we explain how GDPR impacts traditional third-party risk management and how you need to adapt.

  • For Infrastructure & Operations Professionals

    REPORT: Adoption Profile: Private Cloud In Europe, Q2 2018

    Hybrid Cloud Is The Approach That Will Conquer Digital Transformation And GDPR

    April 10, 2018 Lauren E. Nelson

    European enterprises continue to adopt private cloud, despite the strong prevalence in their strategies to migrate to public clouds. In 2017, they sought to optimize these strategies, seeking less complexity, tighter budgets, and heightened developer productivity. The era of the pragmatic cloud is here; enterprises are exploring change tolerance, the impact of GDPR, and common API solutions like Azure Stack. This report analyzes current trends in private cloud adoption, using data from the Forrester Data Global Business Technographics® Infrastructure Survey, 2017.

  • For CIO Professionals

    REPORT: Wondering Whether To Accept Cryptocurrencies? Take A Risk Management Approach

    Cryptocurrencies As A Payment Instrument Are Not For The Faint-Hearted

    March 29, 2018 Martha Bennett

    Should your organization accept payments in Bitcoin or other cryptocurrencies? CIOs and senior tech leaders need to have an answer on hand if the topic comes up for discussion. This document outlines why it's not as simple as adding another payment option, but is, in fact, a risk management decision.

  • For Security & Risk Professionals

    REPORT: Top Recommendations For Your Security Program, 2018

    As Security's Purview Increases, Prioritize Helping Your Customer

    March 23, 2018 Amy DeMartine, Merritt Maxim, Heidi Shey, Nick Hayes, Jeff Pollard, Enza Iannopollo, Andras Cser

    Each year, Forrester outlines the most important recommendations for your security strategy for the coming 12 months. We base these recommendations on thousands of client inquiries and interactions, consulting engagements, and dozens of primary research interviews with chief information security officers (CISOs), security vendors, and major security consultancies and service providers. CISOs: Leverage this report to guide your security program strategy, and prioritize changes to security architecture and operations for the coming year.

  • For Security & Risk Professionals

    REPORT: Blockchain Will Transform And Radically Improve Fraud Management And Anti-Money Laundering

    Blockchain Will Allow Financial Institutions And New Vendors To Challenge The Status Quo

    March 21, 2018 Andras Cser, Martha Bennett

    Financial institutions (FIs) find it increasingly difficult to meet tough new anti-money laundering (AML) and enterprise fraud management (EFM) requirements while also maintaining their edge to win, serve, and retain customers. This report presents a blueprint on how security and risk (S&R) pros can use blockchain, as it matures into a technology and process backbone, to re-architect and augment their AML and EFM systems.

View all research

Analysts Who Cover Governance Risk & Compliance (GRC)

View all related analysts