Save or Share this Report

For Security & Risk Professionals

Optimize Your GRC Program For 2012 And Beyond

January 19, 2012

Why Read This Report

This report outlines Forrester's solution for security and risk (S&R) professionals looking to establish a formal risk and compliance management program. We designed this report to help S&R pros optimize their GRC strategy for 2012. Your governance, risk, and compliance (GRC) efforts set the parameters by which your organization achieves performance and meets objectives, so it's no surprise that putting together your GRC plan for the next 12 months can be as difficult as strategic planning for the organization. This process should include careful consideration not just of internal drivers but also the key trends affecting other businesses or agencies in your industry. As you put your plans together, expect the biggest trends in 2012 to include more of a platform approach to GRC product implementations, emphasis on programs for content aggregation and process standardization, continued struggles to include risk earlier in decision cycles, a slow but steady evolution of controls automation, and increasing scrutiny on programs rather than results. Stay on top of these trends by concentrating on GRC fundamentals and not pushing ahead too quickly on program maturity.

Get Access

Already a Client?

Log in to read this document.

Become a Forrester Client

Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.

Purchase Report

This report is available for individual purchase ($499 USD).


Table of Contents

  • For GRC Fundamentals, The Wisdom Of The Crowds Is Usually Best
  • 2011 Year In Review: Broader Adoption, But Little Progress Toward Maturity
  • For 2012, GRC Efforts Will Largely Focus On Aggregation And Standardization

  • GRC Professionals Have Been Too Impatient With Program Maturity
  • Supplemental Material
  • Related Research Documents

Recommended Research