Save or Share this Report

For Security & Risk Professionals

Clearing The Air On IT GRC

October 29, 2008


Why Read This Report

With the vast array of vendors claiming to have IT governance, risk, and compliance (IT GRC) products, the true definition of IT GRC has gotten lost, and security professionals are left confused and uncertain. In an effort to institute clarity, Forrester has defined the interconnected IT GRC life cycles using standards-based frameworks. Vendors that provide products to automate and integrate the functions of these life cycles are considered to be IT GRC vendors, while others are simply exploiting the well-deserved interest and attention in IT GRC to dress up their security products in new clothing.

Get Access

Already a Client?

Log in to read this document.

Become a Forrester Client

Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.

Purchase Report

This report is available for individual purchase ($499 USD).


Table of Contents

  • The Need For Clarity In IT GRC
  • The Separate Disciplines Of Governance, Risk, And Compliance
  • The New Relationship Among Governance, Risk, And Compliance
  • Discerning The True IT GRC Vendors From The Pretenders

  • Define Your IT GRC Requirements First, Then Look For Vendors That Can Help
  • Related Research Documents