A Closer Look At The Forrester Tech Tide™: Governance, Risk, And Compliance Management, Q4 2019

Being a security, risk, or compliance professional today is more stressful than ever! Many are overworked, overextended, and, frankly, overwhelmed, because digital transformation has fundamentally changed how companies deliver value to customers, which translates into a new set of variables for the organization with which to comply, protect, and secure. Meanwhile, today’s unprecedented levels of uncertainty in nearly all areas of the business require organizations to not only mitigate existing threats but also to identify emerging risks and safeguard the firm against them.

In our new “The Forrester Tech Tide™: Governance, Risk, And Compliance Management, Q4 2019” report, we segmented critical governance, risk, and compliance (GRC) technologies to aid risk and compliance pros as they seek to prioritize immediate needs and future investment in GRC management technology. This report breaks down these technologies into 18 distinct categories, each one supporting a critical process required to meet the organization’s risk and compliance needs.

The GRC technology market is growing, both from core technologies such as GRC platforms as well as new technology areas that offer deeper insights into specific areas like regtech, cyber risk quantification, and privacy management tools.

This Is Because:

  1. Third-party relationships require constant attention. Organizations continue to face threats presented by third parties and feel overwhelmingly ill-equipped to handle these relationships. Technology in this category offers significant business value for firms that have a process in place for third-party risk management already. Furthermore, cybersecurity ratings and external risk intelligence will become ubiquitous as firms invest in two or more of these technologies to assess the risks of third-party relationships.
  1. AI is the next essential step to regulatory compliance. As firms continue to collect huge volumes of data to improve digital customer experience, risk and compliance pros will turn to automation. Risk and compliance pros will need to use technology to automate the processing and collection of this data and to mitigate inherent risks associated with data security.
  1. Cyber risk quantification articulates value to key stakeholders. Cyber risk quantification tools identify the most significant risks based on the threats with the most consequential financial impact on the business. As cybersecurity continues to become a more relevant issue for C-level executives, cyber risk quantification technology will play a crucial role for firms measuring cybersecurity ROI.

Rise to meet the challenges and risks that digital transformation brings with new technology choices that reduce manual work and focus on your biggest risks. Read the full “The Forrester Tech Tide™: Governance, Risk, And Compliance Management, Q4 2019” report for our complete analysis — including category maturity and business value and our adoption guidance.

(written with Kate Pesa, senior research associate at Forrester)