Research and Markets (http://www.researchandmarkets.com/research/ec0f56/it_governance_ris) has announced the addition of the "IT Governance, Risk and Compliance Management in the Real World" report to their offering.
In recent months, IT GRC has emerged as a unifying theme aligning the management of IT, IT risk and regulatory compliance with the priorities of the business. But what does IT GRC mean in a practical sense, to the IT organization charged with its success? In a survey of more than 200 professionals in both IT and non-IT fields complemented by focus interviews with real world practitioners, this study identifies the processes, practices and technologies most highly valued by high performers in IT GRC management. This report highlights the vital role played by maturity in the core disciplines of IT Service Management, and describes how the “perfect storm” of people, process and technology unifies IT GRC as an effort that pays off in making IT a more strategic contributor to the business.
In recent months, the theme of IT governance, risk and compliance (IT GRC) management has arisen as the point of convergence where the governance of the organization intersects with the governance of IT, where the control of risk in, of, and by IT serves to control risk to the business, and where regulatory compliance directly affects IT.
Already in this short time, IT GRC has become a loaded term, high on expectations but far too often short on specifics. What exactly does IT GRC mean to enterprises pursuing the broad mandates implied? How do businesses reckon success with these initiatives, and what are the qualities that make for success in IT GRC management?
In this study, survey of 224 IT as well as non-IT professionals to answer these questions. While organizations of all sizes were represented, a full one-third (34%) of all respondents were very large enterprises of 20,000 employees or more were, with one-fourth (25%) reporting annual IT budgets in excess of $100 million. Although most respondents (89%) were based in North America, nearly half (46%) had a presence in Europe, the Middle East and Africa, while 40% were represented in the Asia-Pacific region, and 30% in the Americas.
Key Topics Covered: - Executive Summary - Issues and Challenges - Key Findings - High Performers and More Positive Outcomes - High Performers are Early Adopters of IT GRC Management Tools - Introduction: The Assurance Imperatives Facing Today's Technology-Dependent Enterprise - EMA's 2008 IT GRC Survey - Survey Demographics - Focus Interviews, Recent Events and Market Trends - Issues, Challenges and Priorities - Information Risk Control - Needed: Coherence in IT Governance - Disconnects Between the Business and IT - The Challenge of Measuring and Managing IT GRC Effectiveness - Disconnects Between Compliance and Risk Management - IT GRC: The "Perfect Storm" of People, Process and Technology - A "Real World" Definition of IT GRC - "Turning Process into a Strategic Asset" - ITIL Stands Out... - ...But Process Without Value is No Panacea - Risks of Promoting Empty Processes - Risks of Process Conflicts - The Essential Role of Technology - IT GRC: The Sum of All These Factors - High Performers Stand Apart - In Reduction of Disruptive Security Events - In Reduction of Unplanned Work, IT Change Success and Project Management Effectiveness - What Makes for a High Performer? - Criticality of IT--and IT GRC--to the Business - Enabling IT Governance: Definition and Accountability for IT GRC Objectives - Governance: Key to Information Risk Management - IT Governance and Risk Management Decision-Making - Business Alignment - IT Governance, Risk and Compliance Management in the Real World - (C)2008 Enterprise Management Associates, Inc All Rights Reserved - What Do High Performers Value? - Securityand Beyond - Business Risk Management in IT - Risk Management in Business IT Systems - From Security Threats to Fraud: The Evolution of Anomaly Detection in IT - High Performers and Essential IT GRC Foundations - Maturity and Discipline in Configuration and Change Control - Configuration Audit for Monitoring and Enforcement of Change Discipline - Configuration Inventory and Risk Correlation: The Value of the CMDB - Maturity in Access Control - Identity: Essential to Linking Access with Authentication and Authorization - Gaps in Entitlements Control Signal Breakdowns inAccess Risk Management Processes - Maturity in Business Continuity Planning and Preparedness - Event and Incident Management - Risk Management and Reality - Maturity in Risk Assessment - The Expanding Role of Risk Visibility - The Rise of Network Visibility - The Emergence of IT Risk Data Mining - Making the Most of Internal Audit - Can You Prove Your Risks are Well-Managed? - Post-event Risk Re-assessment - Challenges That Remain - The Ongoing Evolution of Information Risk Control - Toward a Higher Standard of Access Control: Closing the Gaps That Remain - Measuring and Managing IT GRC - Bringing Coherence to IT GRC Strategy: Early Adopters and Emerging Tools for IT GRC Management - GRC Management in Business Applications - Enterprise GRC Management Platforms - Systems Purpose-Built for IT GRC Management - EMA Perspective - Toward the Future - Technology Standards and Integration - Game Changers
For more information visit http://www.researchandmarkets.com/research/ec0f56/it_governance_ris
Contacts:
Laura Wood, Senior Manager, press@researchandmarkets.com
U.S.
Fax: 646-607-1907
Fax (outside U.S.): +353-1-481-1716
