SlideShare uma empresa Scribd logo

GRC Fundamentals

Transferir como PPTX, PDF
3Sixty Insights
3Sixty Insights

A fragmented governance, risk, and compliance (GRC) landscape leaves organizations to sort through a multitude of visions. Blue Hill identifies basic defining characteristics of GRC and how the changing business environment is leading organizations to pay more attention.

TecnologiaNegócios
1 de 6
Governance, Risk, & Compliance Fundamentals David Houlihan Principal Analyst Blue Hill Research ©2013 Blue Hill Research. All Rights Reserved. ©2013 Blue Hill Research. All Rights Reserved.
Need for GRC Solutions is Growing, But Implementation is Challenging Compliance becomes top risk priority of Directors Increasing market / business volatility Demand for Solutions Regulatory regimes more complex Agencies more aggressive about enforcement The frequency and pain of data breaches is growing Information and function silos results in overlooked opportunities and exposures Sorting out GRC vendors visions and value propositions Challenges to Implementation ©2013 Blue Hill Research. All Rights Reserved. Difficulty conceptualizing ROI Unclear how to prioritize implementation strategies to maximize organizational benefit
Map GRC Capabilities to Organizational Needs GRC is maturing into a enterprise solution, but still suffers from fractured perspectives. Operational ? Users should start by determining functional areas and use cases that stand to benefit most. Financial? Enterprise? Legal? Organizations can then map out where core GRC capabilities can support their business processes. IT Security? Core GRC Capabilities Identify & Analyze Risks Set Controls ©2013 Blue Hill Research. All Rights Reserved. Monitor Identify Vulnerabilities Respond to incidents Report
The “Success Factors” of GRC Minimize exposure Reduce Compliance Cost Recognize Opp./Risk Executive Finance Maintain Data Security Technology Technology Remove Silos Reduce redundancy/complexity Line of Business LOB Reduce time spent on compliance tasks ©2013 Blue Hill Research. All Rights Reserved. Increase profile in organization
Key Themes to Consider Roll-up of “point” GRC to enterprise GRC Compliance as a C-suite initiative Risk agility and intelligence Data privacy and security Social media risk Anti-bribery, anti-laundering, and anti-terror compliance ©2013 Blue Hill Research. All Rights Reserved.
Thank you! To join the conversation, follow us on Phone: +1 (617) 624-3600 ©2013 Blue Hill Research. All Rights Reserved. Contact Sales: sales@bluehillresearch.com Contact Research: research@bluehillresearch.com 1

Recomendados

Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and complianceMagdalena Matell
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionRishabh Software
 
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance BOC Group
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001PECB
 

Recomendados

Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and complianceMagdalena Matell
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionRishabh Software
 
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance BOC Group
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001PECB
 
GRC
GRCGRC
GRCMaryam Hidayatallah CPFA,MIPA,MA,CICA
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Complianceseanpizzy
 
Third-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyThird-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyNICSA
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightStrategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightProformative, Inc.
 
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected RisksStrategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected RisksInternational Federation of Accountants
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy Dam Frank
 
FSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoVFSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoVFrederic Girardeau-Montaut
 
CRISC Course Preview
CRISC Course PreviewCRISC Course Preview
CRISC Course PreviewInvensis Learning
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security ControlsSOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security ControlsMark S. Mahre
 
Information security governance
Information security governanceInformation security governance
Information security governanceKoen Maris
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 IntroductionAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Compliance framework
Compliance frameworkCompliance framework
Compliance frameworkManoj Agarwal
 
Control Standards for Information Security
Control Standards for Information SecurityControl Standards for Information Security
Control Standards for Information SecurityJohnHPazEMCPMPITIL5G
 
Integrated GRC
Integrated GRCIntegrated GRC
Integrated GRCTranscendent Group
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...PECB
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 BenefitsDejan Kosutic
 
Blue Hill Research: Managing Mobile Now and in the Future
Blue Hill Research: Managing Mobile Now and in the FutureBlue Hill Research: Managing Mobile Now and in the Future
Blue Hill Research: Managing Mobile Now and in the Future3Sixty Insights
 
Hurricane Preparedness for Business Continuity - GRC Learning Series
Hurricane Preparedness for Business Continuity - GRC Learning SeriesHurricane Preparedness for Business Continuity - GRC Learning Series
Hurricane Preparedness for Business Continuity - GRC Learning Seriespeak10datacentersolutions
 

Mais conteúdo relacionado

Mais procurados

Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Complianceseanpizzy
 
Third-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyThird-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyNICSA
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightStrategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightProformative, Inc.
 
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected RisksStrategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected RisksInternational Federation of Accountants
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy Dam Frank
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkPECB
 
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security ControlsSOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security ControlsMark S. Mahre
 
Information security governance
Information security governanceInformation security governance
Information security governanceKoen Maris
 
Compliance framework
Compliance frameworkCompliance framework
Compliance frameworkManoj Agarwal
 
Control Standards for Information Security
Control Standards for Information SecurityControl Standards for Information Security
Control Standards for Information SecurityJohnHPazEMCPMPITIL5G
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...PECB
 

Mais procurados (20)

GRC
GRCGRC
GRC
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance Executive
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
 
Auditing SOX ITGC Compliance
Auditing SOX ITGC ComplianceAuditing SOX ITGC Compliance
Auditing SOX ITGC Compliance
 
Third-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a StrategyThird-Party Risk Management: Implementing a Strategy
Third-Party Risk Management: Implementing a Strategy
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightStrategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management Right
 
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected RisksStrategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy
 
FSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoVFSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoV
 
CRISC Course Preview
CRISC Course PreviewCRISC Course Preview
CRISC Course Preview
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
 
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security ControlsSOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
 
Information security governance
Information security governanceInformation security governance
Information security governance
 
ISO 27001:2022 Introduction
ISO 27001:2022 IntroductionISO 27001:2022 Introduction
ISO 27001:2022 Introduction
 
Compliance framework
Compliance frameworkCompliance framework
Compliance framework
 
Control Standards for Information Security
Control Standards for Information SecurityControl Standards for Information Security
Control Standards for Information Security
 
Integrated GRC
Integrated GRCIntegrated GRC
Integrated GRC
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
 
ISO 27001 Benefits
ISO 27001 BenefitsISO 27001 Benefits
ISO 27001 Benefits
 

Destaque

Blue Hill Research: Managing Mobile Now and in the Future
Blue Hill Research: Managing Mobile Now and in the FutureBlue Hill Research: Managing Mobile Now and in the Future
Blue Hill Research: Managing Mobile Now and in the Future3Sixty Insights
 
Hurricane Preparedness for Business Continuity - GRC Learning Series
Hurricane Preparedness for Business Continuity - GRC Learning SeriesHurricane Preparedness for Business Continuity - GRC Learning Series
Hurricane Preparedness for Business Continuity - GRC Learning Seriespeak10datacentersolutions
 
Mobile Apps 101
Mobile Apps 101Mobile Apps 101
Mobile Apps 101MotionMobs
 
Construyendo la reputacion corporativa desde el principio
Construyendo la reputacion corporativa desde el principioConstruyendo la reputacion corporativa desde el principio
Construyendo la reputacion corporativa desde el principioPedro Antonio García López
 
The analytic hero's journey
The analytic hero's journeyThe analytic hero's journey
The analytic hero's journey3Sixty Insights
 
Presentation1 karen-mc-clintock
Presentation1 karen-mc-clintockPresentation1 karen-mc-clintock
Presentation1 karen-mc-clintockMilliCanada
 
CMU Portugal inRes Initiative Presentation April 2014
CMU Portugal inRes Initiative Presentation April 2014CMU Portugal inRes Initiative Presentation April 2014
CMU Portugal inRes Initiative Presentation April 2014CMUPortugal_
 
The Analytic Hero’s Journey
The Analytic Hero’s JourneyThe Analytic Hero’s Journey
The Analytic Hero’s Journey3Sixty Insights
 
Research guides tour (February 2016)
Research guides tour (February 2016)Research guides tour (February 2016)
Research guides tour (February 2016)lis02215
 
201502 cmu portugal_highlights
201502 cmu portugal_highlights201502 cmu portugal_highlights
201502 cmu portugal_highlightsCMUPortugal_
 
Why AWS's Redshift is a Game Changer
Why AWS's Redshift is a Game ChangerWhy AWS's Redshift is a Game Changer
Why AWS's Redshift is a Game Changer3Sixty Insights
 
Library website features (February 2016)
Library website features (February 2016)Library website features (February 2016)
Library website features (February 2016)lis02215
 
10 Things About the Library Website
10 Things About the Library Website10 Things About the Library Website
10 Things About the Library Websitelis02215
 
Naperville north tech workshop day 1
Naperville north tech workshop day 1Naperville north tech workshop day 1
Naperville north tech workshop day 1joeewilson
 

Destaque (20)

Blue Hill Research: Managing Mobile Now and in the Future
Blue Hill Research: Managing Mobile Now and in the FutureBlue Hill Research: Managing Mobile Now and in the Future
Blue Hill Research: Managing Mobile Now and in the Future
 
Hurricane Preparedness for Business Continuity - GRC Learning Series
Hurricane Preparedness for Business Continuity - GRC Learning SeriesHurricane Preparedness for Business Continuity - GRC Learning Series
Hurricane Preparedness for Business Continuity - GRC Learning Series
 
Mobile Apps 101
Mobile Apps 101Mobile Apps 101
Mobile Apps 101
 
Ourschool
OurschoolOurschool
Ourschool
 
Construyendo la reputacion corporativa desde el principio
Construyendo la reputacion corporativa desde el principioConstruyendo la reputacion corporativa desde el principio
Construyendo la reputacion corporativa desde el principio
 
Presentation encuesta
Presentation encuesta Presentation encuesta
Presentation encuesta
 
The analytic hero's journey
The analytic hero's journeyThe analytic hero's journey
The analytic hero's journey
 
Shopper insights Tracking
Shopper insights Tracking Shopper insights Tracking
Shopper insights Tracking
 
Food Safety Webcast: Allergen Management
Food Safety Webcast: Allergen ManagementFood Safety Webcast: Allergen Management
Food Safety Webcast: Allergen Management
 
Presentation1 karen-mc-clintock
Presentation1 karen-mc-clintockPresentation1 karen-mc-clintock
Presentation1 karen-mc-clintock
 
CMU Portugal inRes Initiative Presentation April 2014
CMU Portugal inRes Initiative Presentation April 2014CMU Portugal inRes Initiative Presentation April 2014
CMU Portugal inRes Initiative Presentation April 2014
 
The Analytic Hero’s Journey
The Analytic Hero’s JourneyThe Analytic Hero’s Journey
The Analytic Hero’s Journey
 
Research guides tour (February 2016)
Research guides tour (February 2016)Research guides tour (February 2016)
Research guides tour (February 2016)
 
201502 cmu portugal_highlights
201502 cmu portugal_highlights201502 cmu portugal_highlights
201502 cmu portugal_highlights
 
Why AWS's Redshift is a Game Changer
Why AWS's Redshift is a Game ChangerWhy AWS's Redshift is a Game Changer
Why AWS's Redshift is a Game Changer
 
Library website features (February 2016)
Library website features (February 2016)Library website features (February 2016)
Library website features (February 2016)
 
10 Things About the Library Website
10 Things About the Library Website10 Things About the Library Website
10 Things About the Library Website
 
Naperville north tech workshop day 1
Naperville north tech workshop day 1Naperville north tech workshop day 1
Naperville north tech workshop day 1
 
Ch4 1 v1
Ch4 1 v1Ch4 1 v1
Ch4 1 v1
 
Ch3 5 v1
Ch3 5 v1Ch3 5 v1
Ch3 5 v1
 

Semelhante a GRC Fundamentals

GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfbasilmph
 
Applying risk management_to_your_business_continuity_management_efforts
Applying risk management_to_your_business_continuity_management_effortsApplying risk management_to_your_business_continuity_management_efforts
Applying risk management_to_your_business_continuity_management_effortsSubhajit Bhuiya
 
7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)GBBLUME
 
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance StrategyQuekelsBaro
 
Managing the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance RequiresManaging the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance RequiresWNS Global Services
 
Streamlining Identity and Access Management through Unified Identity and Acce...
Streamlining Identity and Access Management through Unified Identity and Acce...Streamlining Identity and Access Management through Unified Identity and Acce...
Streamlining Identity and Access Management through Unified Identity and Acce...happiestmindstech
 
Information Rich, Knowledge Poor: Overcoming Insurers’ Data Conundrum
Information Rich, Knowledge Poor: Overcoming Insurers’ Data ConundrumInformation Rich, Knowledge Poor: Overcoming Insurers’ Data Conundrum
Information Rich, Knowledge Poor: Overcoming Insurers’ Data ConundrumDeloitte United States
 
Analytics for manufacturers: The three-minute guide
Analytics for manufacturers: The three-minute guideAnalytics for manufacturers: The three-minute guide
Analytics for manufacturers: The three-minute guideDeloitte United States
 
Ags001 Wilhoit 091707
Ags001 Wilhoit 091707Ags001 Wilhoit 091707
Ags001 Wilhoit 091707Dreamforce07
 
ADP Human Capital Insights Magazine - Volume 2
ADP Human Capital Insights Magazine - Volume 2ADP Human Capital Insights Magazine - Volume 2
ADP Human Capital Insights Magazine - Volume 2Mark Schmitt
 
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016CBIZ, Inc.
 
Tech M&A Monthly - What To Do When You're Approached - December 2013
Tech M&A Monthly - What To Do When You're Approached - December 2013Tech M&A Monthly - What To Do When You're Approached - December 2013
Tech M&A Monthly - What To Do When You're Approached - December 2013Corum Group
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sunvijaychn
 
Improve success DevOps
Improve success DevOpsImprove success DevOps
Improve success DevOpsAbhishek Sood
 
Innovatively Managing the Business Process to Create Excellence
Innovatively Managing the Business Process to Create ExcellenceInnovatively Managing the Business Process to Create Excellence
Innovatively Managing the Business Process to Create ExcellenceTata Consultancy Services
 
Big data governance as a corporate governance imperative
Big data governance as a corporate governance imperativeBig data governance as a corporate governance imperative
Big data governance as a corporate governance imperativeGuy Pearce
 
Integrc: Turning GRC vision into reality
Integrc: Turning GRC vision into realityIntegrc: Turning GRC vision into reality
Integrc: Turning GRC vision into realityIntegrc
 

Semelhante a GRC Fundamentals (20)

GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdf
 
Applying risk management_to_your_business_continuity_management_efforts
Applying risk management_to_your_business_continuity_management_effortsApplying risk management_to_your_business_continuity_management_efforts
Applying risk management_to_your_business_continuity_management_efforts
 
7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)
 
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
 
Managing the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance RequiresManaging the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance Requires
 
SLVA - Developing an IT GRC Strategy
SLVA - Developing an IT GRC StrategySLVA - Developing an IT GRC Strategy
SLVA - Developing an IT GRC Strategy
 
Streamlining Identity and Access Management through Unified Identity and Acce...
Streamlining Identity and Access Management through Unified Identity and Acce...Streamlining Identity and Access Management through Unified Identity and Acce...
Streamlining Identity and Access Management through Unified Identity and Acce...
 
Information Rich, Knowledge Poor: Overcoming Insurers’ Data Conundrum
Information Rich, Knowledge Poor: Overcoming Insurers’ Data ConundrumInformation Rich, Knowledge Poor: Overcoming Insurers’ Data Conundrum
Information Rich, Knowledge Poor: Overcoming Insurers’ Data Conundrum
 
Analytics for manufacturers: The three-minute guide
Analytics for manufacturers: The three-minute guideAnalytics for manufacturers: The three-minute guide
Analytics for manufacturers: The three-minute guide
 
Ags001 Wilhoit 091707
Ags001 Wilhoit 091707Ags001 Wilhoit 091707
Ags001 Wilhoit 091707
 
task 1
task 1task 1
task 1
 
ADP Human Capital Insights Magazine - Volume 2
ADP Human Capital Insights Magazine - Volume 2ADP Human Capital Insights Magazine - Volume 2
ADP Human Capital Insights Magazine - Volume 2
 
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
 
Tech M&A Monthly - What To Do When You're Approached - December 2013
Tech M&A Monthly - What To Do When You're Approached - December 2013Tech M&A Monthly - What To Do When You're Approached - December 2013
Tech M&A Monthly - What To Do When You're Approached - December 2013
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sun
 
Improve success DevOps
Improve success DevOpsImprove success DevOps
Improve success DevOps
 
Innovatively Managing the Business Process to Create Excellence
Innovatively Managing the Business Process to Create ExcellenceInnovatively Managing the Business Process to Create Excellence
Innovatively Managing the Business Process to Create Excellence
 
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
Concept of Governance - Management of Operational Risk for IT Officers/Execut...Concept of Governance - Management of Operational Risk for IT Officers/Execut...
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
 
Big data governance as a corporate governance imperative
Big data governance as a corporate governance imperativeBig data governance as a corporate governance imperative
Big data governance as a corporate governance imperative
 
Integrc: Turning GRC vision into reality
Integrc: Turning GRC vision into realityIntegrc: Turning GRC vision into reality
Integrc: Turning GRC vision into reality
 

Mais de 3Sixty Insights

The Future of Finance in a World of Global Digital Transformation
The Future of Finance in a World of Global Digital TransformationThe Future of Finance in a World of Global Digital Transformation
The Future of Finance in a World of Global Digital Transformation3Sixty Insights
 
The Analytic Hero's Journey
The Analytic Hero's JourneyThe Analytic Hero's Journey
The Analytic Hero's Journey3Sixty Insights
 
The Foundations of Social Media Risk Management
The Foundations of Social Media Risk ManagementThe Foundations of Social Media Risk Management
The Foundations of Social Media Risk Management3Sixty Insights
 
ROI of A Liberated Data Analyst
ROI of A Liberated Data AnalystROI of A Liberated Data Analyst
ROI of A Liberated Data Analyst3Sixty Insights
 
Achieving Better Credit and Collections with FinancialForce Accounting & Chatter
Achieving Better Credit and Collections with FinancialForce Accounting & ChatterAchieving Better Credit and Collections with FinancialForce Accounting & Chatter
Achieving Better Credit and Collections with FinancialForce Accounting & Chatter3Sixty Insights
 
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case StudyChoosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study3Sixty Insights
 
Investing in the Front End of Compliance
Investing in the Front End of ComplianceInvesting in the Front End of Compliance
Investing in the Front End of Compliance3Sixty Insights
 
SMAC talk for the enterprise
SMAC talk for the enterpriseSMAC talk for the enterprise
SMAC talk for the enterprise3Sixty Insights
 
Microsoft, Innovation, and its HR Failure
Microsoft, Innovation, and its HR FailureMicrosoft, Innovation, and its HR Failure
Microsoft, Innovation, and its HR Failure3Sixty Insights
 

Mais de 3Sixty Insights (9)

The Future of Finance in a World of Global Digital Transformation
The Future of Finance in a World of Global Digital TransformationThe Future of Finance in a World of Global Digital Transformation
The Future of Finance in a World of Global Digital Transformation
 
The Analytic Hero's Journey
The Analytic Hero's JourneyThe Analytic Hero's Journey
The Analytic Hero's Journey
 
The Foundations of Social Media Risk Management
The Foundations of Social Media Risk ManagementThe Foundations of Social Media Risk Management
The Foundations of Social Media Risk Management
 
ROI of A Liberated Data Analyst
ROI of A Liberated Data AnalystROI of A Liberated Data Analyst
ROI of A Liberated Data Analyst
 
Achieving Better Credit and Collections with FinancialForce Accounting & Chatter
Achieving Better Credit and Collections with FinancialForce Accounting & ChatterAchieving Better Credit and Collections with FinancialForce Accounting & Chatter
Achieving Better Credit and Collections with FinancialForce Accounting & Chatter
 
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case StudyChoosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study
 
Investing in the Front End of Compliance
Investing in the Front End of ComplianceInvesting in the Front End of Compliance
Investing in the Front End of Compliance
 
SMAC talk for the enterprise
SMAC talk for the enterpriseSMAC talk for the enterprise
SMAC talk for the enterprise
 
Microsoft, Innovation, and its HR Failure
Microsoft, Innovation, and its HR FailureMicrosoft, Innovation, and its HR Failure
Microsoft, Innovation, and its HR Failure
 

Último

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 

Último (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

GRC Fundamentals

  • 1. Governance, Risk, & Compliance Fundamentals David Houlihan Principal Analyst Blue Hill Research ©2013 Blue Hill Research. All Rights Reserved. ©2013 Blue Hill Research. All Rights Reserved.
  • 2. Need for GRC Solutions is Growing, But Implementation is Challenging Compliance becomes top risk priority of Directors Increasing market / business volatility Demand for Solutions Regulatory regimes more complex Agencies more aggressive about enforcement The frequency and pain of data breaches is growing Information and function silos results in overlooked opportunities and exposures Sorting out GRC vendors visions and value propositions Challenges to Implementation ©2013 Blue Hill Research. All Rights Reserved. Difficulty conceptualizing ROI Unclear how to prioritize implementation strategies to maximize organizational benefit
  • 3. Map GRC Capabilities to Organizational Needs GRC is maturing into a enterprise solution, but still suffers from fractured perspectives. Operational ? Users should start by determining functional areas and use cases that stand to benefit most. Financial? Enterprise? Legal? Organizations can then map out where core GRC capabilities can support their business processes. IT Security? Core GRC Capabilities Identify & Analyze Risks Set Controls ©2013 Blue Hill Research. All Rights Reserved. Monitor Identify Vulnerabilities Respond to incidents Report
  • 4. The “Success Factors” of GRC Minimize exposure Reduce Compliance Cost Recognize Opp./Risk Executive Finance Maintain Data Security Technology Technology Remove Silos Reduce redundancy/complexity Line of Business LOB Reduce time spent on compliance tasks ©2013 Blue Hill Research. All Rights Reserved. Increase profile in organization
  • 5. Key Themes to Consider Roll-up of “point” GRC to enterprise GRC Compliance as a C-suite initiative Risk agility and intelligence Data privacy and security Social media risk Anti-bribery, anti-laundering, and anti-terror compliance ©2013 Blue Hill Research. All Rights Reserved.
  • 6. Thank you! To join the conversation, follow us on Phone: +1 (617) 624-3600 ©2013 Blue Hill Research. All Rights Reserved. Contact Sales: sales@bluehillresearch.com Contact Research: research@bluehillresearch.com 1