• Search

• Categories

  • Change Management
  • Company News
  • Industry Observations
  • Information Security
  • ITAM (Asset Management)
  • ITIL and Service Management
  • RFID
  • Software License Compliance

• Recently Written

  • Managing mobile assets – making it part of your ITAM program
  • Keep an Eye on the Hardware Lifecycle
  • Managing mobile assets – bills
  • Managing mobile devices – email addresses
  • Managing mobile assets - contracts
  • Managing mobile devices - applications
  • Managing mobile assets - SIM cards
  • Managing mobile assets – risks
  • Retiring software assets
  • Quick tips on keeping software licenses organized & updated

• Blogroll

  • Miro Consulting

• Subscription

  •  Blog Articles
  •  Subscribe by Email
  • 

• Archives

  • July 2010
  • June 2010
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • February 2008
  • January 2008
  • December 2007

• Members

  • Log in

Most Governance Risk and Compliance (GRC) cases are driven by external regulations or compliance requirements, such as Sarbanes Oxley (SOX). Creating a business case for GRC with this in mind is simple - do so or risk jail time. Internal controls over financial reporting are an essential function in your IT framework and should define the assessment tools and reporting functions across the organization.

In addition to compliance with the major regulators, there are many other benefits from implementing a comprehensive GRC plan. The process, like any major IT implementation, requires a clearly defined plan or blueprint to define the scope, taxonomy, methodology and desired outcome. When undertaking such a project you must remember to establish a common language for risks and controls and implement a consistent methodology. The objective is to develop transparency in your reporting and monitoring, so nothing falls through the cracks. Consistency in your model will be the key driver for a successful implementation. There are several independent vendors and professionals that specialize in GRC. With your business on the line, it often pays to take a professional’s advice when embarking on this type of implementation.

Comments