English   Deutsch   Русский   中文    

Overview Report: A GRC Reference Architecture

Governance, Risk & Compliance - these three terms, in short "GRC" are pretty widely used in these days. Unfortunately, there is great confusion in how this term is used. The reason for this confusion is with high probability the fact that it allows to sell pretty easily all kind of technology under the umbrella of "Risk" and "Compliance" solutions. But there are very precise areas that GRC should cover, and other that it shouldn't, for example "IT-GRC", the area of tools and methodologies to assure internal control within IT operations, should be part of it, but "Financial Risk" - a core activity of the financial department - shouldn't.

This report aims to clarify the term GRC by defining a reference architecture, what exactly should be part of a GRC framework and how the different parts interact. It looks at GRC from a company-wide point of view, assembling all activities that have a certain internal control nature, yet focused on cost effectiveness and overall capability building...


You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
05.10.09 Overview Report: A GRC Reference Architecture


€195.00 Get access 
top
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
Register now
Spotlight
Real-time Security Intelligence
Over the last couple of years, challenges in the IT industry have led to the emergence of a new technology called Real-time Security Intelligence. The biggest technological breakthrough that made these solutions possible is Big Data analytics. The industry has finally reached the point, when business intelligence algorithms for large-scale data processing have become commoditized. This makes it possible to combine real-time and historical analysis and identify new incidents as being related to others that occurred in the past, which can greatly facilitate identification of ongoing APT attacks on the network.
KuppingerCole Analyst Services
KuppingerCole offers clients a wide range of reports, consulting options and events aimed at providing companies and organizations with a clear understanding of both technology and markets, enabling them to fine-tune their own strategies and projects avoid costly mistakes in choosing vendors and solutions.
Links
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on Google+

 KuppingerCole on YouTube

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing

 GenericIAM
Imprint       General Terms and Conditions       Terms of Use       Privacy policy
© 2003-2014 KuppingerCole