Governance Risk & Compliance (GRC)

Every organizational business function and process is governed in some way to meet objectives. Each of these objectives has risks, as well as controls that increase the likelihood of success (or minimize the impact of failure). These are the fundamental concepts of GRC. To maximize business performance, GRC programs are designed to help companies avoid major disasters and minimize the impact when avoidance is unlikely.

Latest Research

  • For Security & Risk Professionals

    REPORT: Vendor Landscape: Third-Party Risk Intelligence

    Products Vie To Augment Your Survey-Based Program

    October 20, 2017 Claire O'Malley, Nick Hayes

    Increasing business reliance on third-party ecosystems, coupled with worsening market volatility and threats, is forcing risk professionals to manage third-party risk at a new level. Point-in-time risk assessments no longer provide enough timely, relevant data to support effective risk management efforts. In response, third-party risk intelligence (TPRI) solutions enrich internal assessment data with external information and analysis. This vendor landscape examines the market for TPRI solutions.

  • For Security & Risk Professionals

    REPORT: Extend Compliance And Risk Management To What Really Matters For Your Business

    Landscape: The Governance, Risk, And Compliance Playbook

    October 16, 2017 Renee Murphy

    Risk management professionals should concern themselves with two types of risk: those that threaten the company with losses and fines and those that threaten its long-term viability. To really improve business performance, expand the fundamentals of your GRC program to the aspects of your company that drive success with customer interactions, which will in turn drive growth and revenue for your company. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.

  • For Security & Risk Professionals

    REPORT: Vendor Landscape: eCommerce And Retail Fraud Management Solutions, Q3 2017

    A Focus On Accepting Orders And Business Growth Transforms The Market

    October 6, 2017 Andras Cser

    As security, risk, and fraud management professionals strive to secure every digital touchpoint of the customer journey, they've discovered that it's imperative to update eCommerce and retail fraud management (ERFM) solutions. They must move away from tools with high false-positive rates to next-gen solutions that provide much more effective fraud containment, require less maintenance, and counter fast-changing fraud patterns. This report helps security and fraud pros navigate the vendor landscape of this volatile market.

  • For Security & Risk Professionals

    REPORT: Forrester's 2017 Interactive Data Privacy Heat Map

    Landscape: The Data Security And Privacy Playbook

    September 14, 2017 Enza Iannopollo, Chris Sherman, Heidi Shey, Alexander Spiliotes

    To help S&R professionals navigate the complex landscape of privacy laws around the world, Forrester created the Data Privacy Heat Map, which explains the data protection guidelines and practices for 54 countries. It also covers government surveillance, cross-border data transfers, regulatory enforcement, and data center locations around the globe. Due to the dynamic nature of data protection legislation, we update the interactive tool whenever there are significant changes to relevant legislation. We also conduct an annual comprehensive review and update.

  • For Security & Risk Professionals

    REPORT: Four Scenarios To Build The Business Case For Enterprise Fraud Management

    Determine The Best Scenario To Reduce Fraud Losses And Increase ROI At Your Firm

    September 5, 2017 Andras Cser

    The business case for enterprise fraud management (EFM) depends on reducing fraud loss across multiple transaction types (typically payments). We looked at fraud loss, investigation labor, as well as EFM solution license and implementation costs and modeled four on-premises and software-as-a-service (SaaS) scenarios to support EFM business cases. Security and risk (S&R) professionals can use these to compare the ROI of on-premises and SaaS EFM solutions with that of manual EFM processes to build the business case for their firm.

View all research

Analysts Who Cover Governance Risk & Compliance (GRC)

View all related analysts