GRC Roll Up: Mapping your Risk and Surveying your Growth

By Marisa Peacock | Published Nov 5, 2009

This week in GRC: a new privacy manager to map your enterprise's risks, a conference for pique your interest in identity management and a survey that shows you're getting better at managing GRC.

Agiliance Maps Your Enterprise Data Protection Laws

The US-based governance, risk and compliance software vendor Agiliance has launched its new data governance solution, Privacy Manager. The solution deployment comes as new enforcement measures are enacted, starting with the American healthcare information protection act (HIPAA), which recently saw a US$ 2 million fine imposed on a healthcare provider for a breach. In addition enforcement measures have been added to HITECH Act, which extends California's data security breach notification requirements.

There’s no excuse for not being not being compliant and Privacy Manager makes it that much easier by offering extensive mapping of worldwide data protection laws. It enables organizations to assess, manage and report on privacy risk within their enterprise.

Identity & Access Management Conference

If Governance, Risk and Compliance is your thing, which I assume it is, be sure to attend the Gartner Identity & Access Management Summit, November 9-11 in sunny San Diego, CA.

Not only will you learn tips and tricks for managing your company’s security issues, you’ll also hear from some of the experts in the field, like Eric Sachs, Senior Product Manager at Google or Owen Unangst, Director, Innovative and Operational Architecture, USDA, Office of the Chief Information Officer.

From business to government, Gartner has you covered. It’s not too late, register today!

GRC Managers are Growing Up

Think you’re finally getting a handle on your GRC issues? A recent survey says you may be right. A survey sponsored by OpenPages, a provider of GRC application software, found that 28 percent of the customers surveyed were using what they described as a holistic set of applications to manage GRC, while 30 percent said they were using what they described as point products. Translation: companies are beginning to hone their expertise around specific tools and strategies rather than just using any old tool or platform.

However, this isn’t to say there aren’t plenty of GRC managers out there trying to manage things their own way. The survey also found that 43 percent said they still rely primarily on spreadsheets to manage the process.

While over the past year more companies have brought ediscovery in-house, the trend has begun to improve the way managers handle compliance issues. But more of that soon enough, when we cover predictions for e-discovery’s future. Stay tuned.