English   Deutsch

GRC: Going beyond IAM

GRC (Governance, Risk Management, Compliance) has become a major business driver for IT. That isn't surprising. Beyond the legal requirements in becoming compliant to specific regulations like SOX, Euro-SOX, Basel II or the German BDSG (Data Privacy Law), to name just a few, Governance is the overall guideline for managing any organization. Compliance and Risk Management - defining, measuring, and handling the risks - are the two major aspects of Governance. IT, on the other hand, provides the tools for efficiently achieving the targets of GRC initiatives. Besides this, IT is a target for GRC initiatives because there are specific IT risks and compliance requirements. IT Governance, thus, is a major part of the overall Enterprise Governance.

During the last years, we've seen a fast-growing numbers of tools which claim to support in GRC or even to solve the issues the organizations are facing in GRC. Some entirely new market segments like Identity Risk Management evolved.

Interestingly, while not surprising, many of the tools in the GRC market deal with digital IDs. Business Role Management, e.g. assigning roles to users and, at the end, granting access rights to roles, is one area of such tools. SoDs (Segregation of Duties), Attestation of access rights, and the entire Auditing space are others. Some specific GRC implementations even support the provisioning and de-provisioning of accounts in connected systems.

Simply spoken, you can't address the GRC requirements successfully without a strong IAM backing. But GRC goes well beyond IAM, being a much more business-focused layer on top of the three main pillars of IT infrastructure, e.g. IAM, BSM, and SOA (as the commonly used synonym for the application infrastructure).

GRC is one of our most important research areas. This includes not only the specific applications for GRC, Identity Risk Management, or Business Role Management and SoDs, but covers as well the GRC-relevant aspects of Enterprise Content Management and industry-specific GRC solutions.
top
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Register now
Research
KuppingerCole CIO GPS
The KuppingerCole CIO GPS shows the nine areas CIOs should focus on for IT Spend Optimization, Business IT/Alignment, and Strategic Procurement, when looking at GRC (Governance, Risk Management, Compliance) and Information Security. GPS stands for Governance, Privacy and Data Protection, and Security.
KuppingerCole BII: The Business Impact Indicator
The KuppingerCole BII is a Business Impact Indicator for Information Technology. It shows the business value a particular technology or initiative can deliver, in a single and clearly laid out graphic. It complements other KuppingerCole research methodology that shows which technologies are best for achieving the targets in IT Spend Optimization, Business/IT Alignment, and Strategic Procurement.
Services
KuppingerCole Analyst Services
In the networked economy of the 21st century, digital identities play a key role in establishing trust, achieving security, lowering costs and making business processes more efficient. Things like Identity and Access Management (IAM) or...
KuppingerCole Vendor Services
The market for Identity and Access Management (IAM), governance, risk management, and compliance (GRC) and cloud computing is expanding by leaps and bounds. In fact, no other segment of the IT market can boast such dynamic growth rates. At the...
KuppingerCole Briefings
KuppingerCole welcomes the opportunity to hear from IT companies when they launch a new product or service or have other interesting progress to announce. Please fill in the request form , and we will contact you shortly. 
Links
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on Google+

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing

 GenericIAM
Imprint Terms and conditions Privacy policy
© 2003-2013 KuppingerCole