The Evolution of GRC (and CCM)
Posted on February 10th, 2010 by Katina »Permalink
If we know our readers at all (and we think we do), then we’ve got some must-read analysis for you from Forrester’s security and risk guru, Chris McClean. In a January report, he lays out the role that GRC is going to play in business in the wake of the financial meltdown – and in particular, the key role that CCM will have in helping ensure that GRC programs function as part of the business. This is something that McClean says is critical to their success . . . and that we’ve been saying for some time ourselves, actually. (A subscription is required for the full report, but Chris’s blog post on this one will give you the gist).
McClean predicts that compliance efficiency is going to be driving technology decisions in the near-term, since compliance folk are going to have their hands full (and budgets strapped) with new regulations increasing compliance requirements and regulators getting more aggressive about enforcement. As a result, he sees an elevated role for CCM in GRC, since CCM’s automated solutions offer a substantial decrease in compliance and audit costs along with more reliable and demonstrably stronger controls.
As our clients are seeing first-hand, CCM gives invaluable visibility across business processes, and the ability it provides to inspect transactions and data to identify mistakes and errors when they occur (and more important…before they become actual problems) is crucial too — not only for risk managers and auditors, but also for the finance department as they look to increase the efficiency and accuracy of core finance processes.
We do what we do, of course, because we love it. But it would be disingenuous to pretend we don’t like independent validation of our approach every once in awhile (more on that soon, too).
