Renee   Murphy

Renee Murphy

Principal Analyst Serving Security & Risk Professionals

Renee is a principal analyst at Forrester serving Security & Risk Professionals. She covers governance, risk, and compliance (GRC), with a special focus on audit, controls management, information security, and risk management. In this role, she helps Forrester clients strengthen their risk and compliance environments based on her extensive audit experience and technology expertise. Renee is also a frequent speaker at vendor events and industry conferences on subjects such as security and risk best practices and guidance on the implementation of Control Objectives for Information Technology (COBIT).

Previous Work Experience

Renee's previous work experience includes internal and external auditing, security consulting, data center management, network engineering, and compliance program implementations. Her work has spanned financial services, pharmaceuticals, life sciences, entertainment, retail, high-tech, and service industries.

Education

Renee attended The Pennsylvania State University's College of Fine Arts, and she is a member of ISACA, the Institute of Electrical and Electronics Engineers (IEEE), and the International Legal Technology Association (ILTA).

Renee Murphy

Principal Analyst Serving Security & Risk Professionals

Renee is a principal analyst at Forrester serving Security & Risk Professionals. She covers governance, risk, and compliance (GRC), with a special focus on audit, controls management, information security, and risk management. In this role, she helps Forrester clients strengthen their risk and compliance environments based on her extensive audit experience and technology expertise. Renee is also a frequent speaker at vendor events and industry conferences on subjects such as security and risk best practices and guidance on the implementation of Control Objectives for Information Technology (COBIT).

Previous Work Experience

Renee's previous work experience includes internal and external auditing, security consulting, data center management, network engineering, and compliance program implementations. Her work has spanned financial services, pharmaceuticals, life sciences, entertainment, retail, high-tech, and service industries.

Education

Renee attended The Pennsylvania State University's College of Fine Arts, and she is a member of ISACA, the Institute of Electrical and Electronics Engineers (IEEE), and the International Legal Technology Association (ILTA).

Renee Murphy's Research

Most RecentMost Popular
  • For Security & Risk Professionals

    REPORT: Maximize Business Performance With A World-Class GRC Program

    Executive Overview: The Governance, Risk, And Compliance Playbook

    September 28, 2018Renee Murphy, Claire O'Malley

    Governance, risk, and compliance (GRC) programs are essential for protecting business value and maximizing business performance. Yet too many organizations lack well-defined GRC programs or neglect funding them. Forrester's governance, risk, and compliance playbook helps risk professionals justify investments to develop mature programs that anticipate changes to the risk and regulatory landscape and protect the organization's ability to thrive in an increasingly competitive business environment.

  • For CIO Professionals

    REPORT: Assess Your Cybersecurity And Privacy Maturity

    Assessment: The Cybersecurity And Privacy Playbook

    September 25, 2018 Enza Iannopollo, Renee Murphy

    Weak cybersecurity and privacy practices reflect poorly on your company's brand, making it less attractive to customers, partners, employees, and investors. CIOs who want to drive business success must regularly assess their organization's approach to cybersecurity and privacy, then partner with their security and privacy colleagues to improve their programs. This report details the key capabilities that CIOs should focus on when measuring the maturity of their cybersecurity and privacy programs, providing a framework and tool for self-assessment.

  • For Security & Risk Professionals

    REPORT: Choose The Right Technologies To Support Your GRC Program

    Tools And Technology: The Governance, Risk, And Compliance Playbook

    August 13, 2018Renee Murphy, Claire O'Malley

    There comes a point in any GRC program when the massively complex efforts involved become too cumbersome to manage in separate systems and manual processes. Even if it were possible, there would be no headroom to generate any real business value. This report outlines the tools and technologies available to help risk management professionals efficiently manage the array of data points and processes required to meet their organization's risk and compliance needs — and provide business benefits along the way. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.

  • For Security & Risk Professionals

    REPORT: Build A Governance, Risk, And Compliance Strategy Worthy Of Business Consideration

    Strategic Plan: The Governance, Risk, And Compliance Playbook

    July 20, 2018Renee Murphy

    Governance, risk, and compliance (GRC) are far too often functions of emergency response. To get your team and key stakeholders onboard and to show that all your efforts are helping your business perform better, you need a well-defined, documented, and widely visible GRC strategy. This report outlines the challenges you face without a strategy, best-practice examples of companies that have successfully built one, and a checklist of elements necessary for your strategy to stand up to scrutiny at all levels of the business. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.

  • For Security & Risk Professionals

    REPORT: Protect Your Extended Ecosystem With Third-Party Cyber-Risk Scoring

    Continually Quantify The Cyber Risk Of Your Third Parties For Actionable Insights

    July 3, 2018 Nick Hayes, Claire O'Malley, Renee Murphy

    Managing the cybersecurity postures of your third parties is a crucial aspect of risk management. Third-party cyber-risk-scoring solutions are helping S&R pros identify, measure, and mitigate the cyber risks across their third-party ecosystem. In this report, we review the three types of solutions and how they can help prevent your organization from becoming the next publicized third-party breach.

View all of Renee Murphy's Research

Clients Who Work With Renee Murphy Also Work With:

View all related analysts