Dominic Vogel recently published an article for TechRepublic that highlights issues for organizations to consider: “Governance, risk, compliance: four things to ponder about GRC initiatives.” With IT often challenged to ‘do more with less’, GRC becomes a way to realize efficiencies both for cost and for business effectiveness. Aligning GRC under a unified framework can “eventually lead to an environment where you can accurately determine what security controls to implement, how to gauge their effectiveness, and how to optimally support those controls.”
These four issues to consider are:
- GRC as a collaborative effort, not one by IT alone, both in planning as well as execution and maintenance
- Having the same “GRC language” between IT and executives
- Proper planning
- “What corporate policies do we want to manage, what risks do we want to be capable of assessing and responding to, and what compliance/regulatory requirements do we need to be able to monitor?”
- Finding the right GRC tool
Absolute Computrace can provide foundational support for all activities related to GRC for the endpoint. Learn more here.