Clearing The Air On IT GRC

October 29th, 2008

Marc Othersen

Jonathan Penn

With contributors:

Khalid Kark , Christopher McClean , Alissa Dill

Summary

With the vast array of vendors claiming to have IT governance, risk, and compliance (IT GRC) products, the true definition of IT GRC has gotten lost, and security professionals are left confused and uncertain. In an effort to institute clarity, Forrester has defined the interconnected IT GRC life cycles using standards-based frameworks. Vendors that provide products to automate and integrate the functions of these life cycles are considered to be IT GRC vendors, while others are simply exploiting the well-deserved interest and attention in IT GRC to dress up their security products in new clothing.

Want to read the full report?

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.