As IT professionals log back in after the Thanksgiving holiday break, meeting regulatory compliance mandates continues to occupy significant amounts of both time and budget. The top regulatory compliance trends that affected IT this year have added more areas in which to manage risk and new challenges for reporting, all in the context of increased enforcement. IT governance, risk management and compliance software, or “GRC,” has been pitched by many vendors in suites that give IT compliance professionals better tools to manage processes, resources and reporting.
As senior writer Linda Tucci recently reported, IT is increasingly turning to enterprise risk management as uncertainty in the macroeconomic climate continues. Even as some enterprises have held off on further investments in GRC software, she observed, “the more budgets tightened, the more imperative it became that both IT and the business target their biggest exposures and eliminate redundant controls and audits.” For instance, in some areas, like carbon compliance, specialized GRC software has the potential to help turn carbon footprint management into cost savings.
Given continued interest in the potential of GRC software, we published a new governance, risk and compliance FAQ yesterday. If you know of neutral, useful governance, risk and compliance resources online that should be added to the FAQ, please let us know in the comments or by sending an email to firstname.lastname@example.org. As we add more resources to SearchCompliance.com, you’ll be able to find them at our IT governance, risk and compliance topic page. Also, make sure to check in throughout the week here on the IT Knowledge Exchange, which features two GRC blogs: “Regulatory Compliance, Governance and Security,” by Charles Denyer, and “IT Governance, Risk, and Compliance,” by Robert E. Davis.