Investments in IAM and GRC have to solve current needs – but what about the future? With IAM and GRC building the cornerstones of a holistic security infrastructure, decisions within these areas are fundamentally influencing corporate IT and therefore should remain valid beyond a scope of some two or five years from now. For sure, things will change and technologies will evolve. But there are trends which can help in supporting decisions on IAM and GRC investments and reducing the risk of these decisions.