According to the 2014 IT Priorities Survey released by Tech Target, GRC programs are on the rise this year. The survey reported that 82% of organizations will already have, or are planning to implement, a formal governance, risk and compliance (GRC) program in 2014.
The growth in proactive GRC programs has been driven by increased regulations, expanded IT security threats and a rapidly growing data footprint, notes Derek Gascon, executive director of the Compliance, Governance and Oversight Council (CGOC).
"There is so much new data they have to deal with," Gascon said. "Organizations are realizing the amount of information they are generating has to be managed in a way that they can more easily produce it when necessary, and also be able to protect it throughout the lifecycle."
According to the report, many companies continue to struggle with GRC projects, particularly when numerous projects are on the go, often competing from department to department. Industry experts believe that the majority of GRC program deployments are department-based rather than enterprise level.
There is a lot of efficiencies to be realized by deploying enterprise-level GRC programs, which forces a more holistic view of data and protecting it during its lifecycle. Michael Rasmussen, chief GRC pundit at GRC 20/20 Research notes that such a program would “integrate the views of enterprise risk, audit, corporate compliance, legal, IT security, health and safety."
GRC programs often have a stigma about them, but many organizations implementing enterprise-level GRC programs are seeing them as a way to better understand and use the data they have. Read more on this discussion here. To learn how you can easily track and secure your endpoints from a single console, providing an easy GRC program for endpoints, check out Absolute Computrace.