Overview Report: A GRC Reference Architecture

Report Details

Governance, Risk & Compliance - these three terms, in short "GRC" are pretty widely used in these days. Unfortunately, there is great confusion in how this term is used. The reason for this confusion is with high probability the fact that it allows to sell pretty easily all kind of technology under the umbrella of "Risk" and "Compliance" solutions. But there are very precise areas that GRC should cover, and other that it shouldn't, for example "IT-GRC", the area of tools and methodologies to assure internal control within IT operations, should be part of it, but "Financial Risk" - a core activity of the financial department - shouldn't.

This report aims to clarify the term GRC by defining a reference architecture, what exactly should be part of a GRC framework and how the different parts interact. It looks at GRC from a company-wide point of view, assembling all activities that have a certain internal control nature, yet focused on cost effectiveness and overall capability building...

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Oct 05, 2009

Overview Report: A GRC Reference Architecture

Governance, Risk & Compliance - these three terms, in short "GRC" are pretty widely used in these days. Unfortunately, there is great confusion in how this term is used. The reason for this confusion is with high probability the fact that it allows to sell pretty easily all…

€195.00 Get Access
Mastercard Visa PayPal INVOICE

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

Not Just Another Buzzword: Cyber Risk Governance

Today, companies are increasingly operating on the basis of IT systems and are thus dependant on them. Cyber risks must therefore be understood as business risks. The detection and prevention of cyber security threats and appropriate responses to them are among the most important activities to [...]

Latest Insights

Hot Topics

Spotlight

Privacy & the European Data Protection Regulation Learn more

Privacy & the European Data Protection Regulation

The EU GDPR (General Data Protection Regulation), becoming effective May 25, 2018, will have a global impact not only on data privacy, but on the interaction between businesses and their customers and consumers. Organizations must not restrict their GDPR initiatives to technical changes in consent management or PII protection, but need to review how they onboard customers and consumers and how to convince these of giving consent, but also review the amount and purposes of PII they collect. The impact of GDPR on businesses will be far bigger than most currently expect. [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00