GRC – Governance, Risk, And Compliance

Governance, risk, and compliance (GRC) trends are always evolving. Follow Forrester’s latest research and insights on GRC trends.

Insights

Blog

Generally Accepted AI Principles — “GAAIP” — Can Bridge The Trust Gap

Achim Granzen May 19, 2022
Organizations looking to scale their use of AI-enhanced decision-making are facing a dilemma. There is still a large gap between voluntary frameworks for responsible AI and actionable law and enforceable regulations. I wrote about Singapore’s Model AI Governance Framework in an earlier blog post. My colleague Guannan Lu has recently taken a look at China’s […]
Podcast

Will Web3 Live Up To Its Promise?

What It Means May 19, 2022
Web3 proponents have a grand vision of a fairer internet. But will it ever become reality? VP, Principal Analyst Martha Bennett examines both sides of this complex question.

Blog

The Top Systemic Risks Changed In 2022, And Climate Change Was Left Out In The Cold

Renee Murphy April 20, 2022
It’s time for the latest “Top Systemic Risks” report. One of the biggest movers this year was climate change. Last year, as the pandemic dragged on, climate change ranked number five. This year, it ranked number eight. In the age of declaring climate goals and new markets requiring carbon reporting, corporations pushed climate change risk […]
Blog

Build Better Bridges: Introducing Forrester’s BISO Role Profile

Jess Burn April 19, 2022
BISOs operate on behalf of the CISO, serving as an advisor to the business unit’s functional leaders. They also engage as a member of the business unit’s senior leadership team to understand, discuss, and advise on the intersection of strategic priorities and key IT and security risks.
Blog

If Your Board Is Bored, Then You’re Boring

Sara M. Watson March 11, 2022
CIOs and CTOs have a complicated relationship with their boards. Now is a ripe opportunity for tech execs to become the digital expert your board needs.
Blog

Navigate China’s New Data And AI Regulations

Guannan Lu March 3, 2022
Firms often struggle to identify the appropriate security controls and practices to comply with fast-changing data regulations. Here are three practices firms should adapt to keep pace.
Blog

Setting The Record Straight On The Third-Party Risk Management Market

Alla Valente February 7, 2022
Third-party risk management (TPRM) is high on the list of business priorities and risk management priorities, and that’s a good thing. Despite predictions in the early days of the pandemic that firms would rein in outsourcing strategies, the third-party ecosystem continues to grow, smaller vendors and suppliers remain cybersecurity targets, the global regulatory machine continues […]

Blog

Enterprise Risk Pros Pivot From Compliance To Driving Faster, Better Decisions

Alla Valente February 3, 2022
The average firm’s list of business and risk management priorities looks very different today than it did two years ago. What’s changed? For starters, according to Forrester data, 43% of enterprise risk management (ERM) decision-makers report having experienced three or more discrete critical risk events over the past 12 months. The same group reveals that […]
Blog

The Emerging Cyber Risk Quantification Market: When CISOs Need Decisions, Not More Dashboards

Paul McKay January 31, 2022
Ask any CISO to articulate the ROI of their firm’s cybersecurity investment — or, worse yet — to defend an increase to the security budget, and you’re likely to get anything from a threat heat map to a 5×5 grid to a list of the latest threats with a flowchart of how the firm is […]
Blog

The Days When SA&T Operated Solely To Train People About Security Are Vanishing

Jinan Budge November 1, 2021
I’ve been living and breathing the security awareness and training (SA&T) market since joining Forrester 3.5 years ago, working closely with most vendors in this market, as well as our clients. I have seen a significant elevation in the conversation and client expectations, with vendors rushing to innovate and disrupt to meet these new expectations. […]
Blog

Employee Vaccination Mandates: Indecision Is The Riskiest Decision Of All

Alla Valente October 14, 2021
It can be the carrot or the stick, but the key to a successful vaccination incentive is to make a definitive decision.
Blog

GRC Platforms Morph From Maslow’s Hammer To The Swiss Army Knife

Alla Valente September 22, 2021
Winston Churchill said it best — “Never let a good crisis go to waste” — and governance, risk, and compliance (GRC) vendors have heeded the advice not once but twice. In 2002, after the Sarbanes-Oxley Act intended to protect investors from fraudulent accounting activities by corporations, vendors turned GRC technologies into a Maslow’s hammer of […]

Blog

Stormy Times For Cloud Compliance?

Lee Sustar September 20, 2021
Find out why enterprise risk management (ERM) professionals are taking a hard look at compliance in the cloud.
Blog

What’s In A Name? “Product” Versus “Service”

Charles Betz September 20, 2021
“What’s in a name? That which we call a rose / By any other name would smell as sweet.” — William Shakespeare, Romeo and Juliet, Act 2, Scene 2. One conversation I’ve found myself in over the past 20 years is the debate over IT portfolio terminology: Application, Service, Product, Platform. Why is this important? Because organizations use […]
Video

The Trust Imperative

Stephanie Balaouras May 12, 2021

Blog

GRC Platforms: What You Need To Know Before You Buy

Alla Valente April 13, 2021
Businesses always need to adapt their operations to changing circumstances, and the pandemic has only exacerbated the need to rethink risk management strategies. COVID-19 has simultaneously highlighted the necessity of risk management and exposed the gaps that exist in many governance, risk, and compliance (GRC) programs today. The pandemic also accelerated digital strategy and transformation […]
Blog

Vaccines Bring Hope, But New Challenges Arise

Tom Mouhsian March 17, 2021
There are now multiple COVID-19 vaccines paving the path to an eventual recovery of social and economic activity lost to the pandemic since 2020. However, it will not be an easy path due to tremendous challenges ranging from supply chain and distribution difficulties to ethical and policy-related concerns.

Blog

GRC And IAM — Better Together

Sean Ryan February 11, 2021
Struggling to define where GRC ends and IAM begins? Get a clear breakdown of how the two functions should work together in a broader risk management strategy.
Blog

Singapore’s Model AI Governance Framework Sets Out To Help Organizations Deploy AI Responsibly

Achim Granzen February 5, 2021
Principal Analyst Achim Granzen examines how Singapore’s AI governance initiatives can serve as a model for other organizations.
Blog

On International Data Privacy Day, Celebrate Your Employees’ Privacy

Enza Iannopollo January 28, 2021
In their haste to manage the pandemic's impact, many employers deprioritized their data protection responsibilities. Now is the time to renew the focus on employee privacy and confidentiality.