Market Report: GRC 2009
Beyond that we expect to see more complete GRC solutions which cover other aspects as well like the management of security events and incidents or availability and business continuity, to fully support the requirements on IT Governance.
Beyond that we as well expect advancements in the integration of enterprise-driven approaches, mainly for risk management (Enterprise Risk Management, ERM) and IT-driven approaches, e.g. IT Risk Management (IRM).
Today there are partial solutions with specific strengths in some of these functional areas. Over the course of the last 12 months, since the first release of this report, there have been significant improvements and several acquisitions. Through internal development and acquisitions we expect to see even more complete solutions in the 12 to 24 month timeframe. Given that the GRC market is growing well beyond average there is a good reasons for vendors to invest in that particular market segment.
We recommend to create a strategy for GRC with focus on short-term tactical investments, accepting the risk of choosing tools which will be replaced within 24 to 48 months, because the advantages are usually far beyond the costs imposed by such investments. Starting 18 to 30 months from now we expect the market to be mature enough for long-term strategic decisions.
|May 02, 2009||
Market Report: GRC 2009
GRC (Governance, Risk Management, Compliance) is amongst the most important emerging market segments in IT. Kuppinger Cole observes an trend towards tools which integrate analysis, attestation, authorization management, risk management, Segregation of Duties controls, and role management…
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
"There is always an easy solution to every problem - neat, plausible, and wrong. (H.L. Mencken) Finally, it's beginning: GDPR gains more and more visibility. Do you also get more and more GDPR-related marketing communication from IAM and security vendors, consulting firms and, ehm, analyst [...]
When dealing with consumers and customers directly the most important asset for any forward-thinking organisation is the data provided and collected for these new type of identities. The appropriate management of consumer identities is of utmost importance. Handing over personal data to a commercial organisation the consumer typically does this with two contrasting expectations. On one hand the consumer wants to benefit from the organisation as a contract partner for goods or services. Customer-facing organizations get into direct contact with their customers today as they are accessing their [...]