FierceFinanceFierceFinanceITFierceComplianceIT   FierceCIO

Buzzword alert: IT GRC

June 25, 2009 — 8:11am ET | By Jim Kim

Governance, risk and compliance has become, through lots of vendor effort, something of a buzzword--in a good way. It's on the map. People think they ought to know what it means.

But what about IT GRC--as in information technology GRC? What exactly does it mean? I'll admit it's a bit fuzzy to me. Is it reasonable to think of the term IT governance as a precursor to IT GRC? I eventually came around to the view that IT governance referred to the practices that ensure that IT was fully supporting all corporate governance initiatives, that is, supporting the initiatives that fall under corporate governance at the board level. Compliance was the key issue. If we extend that definition to IT GRC, I guess we're talking about IT practices that not only support but also enable strong GRC process.

You can get pretty detailed on this issue from an IT perspective, as does G.R. Sivaramakrishnan, a managing principal for financial services at Oracle. But it does seem to be an issue of rising importance as the GRC bandwagon rolls on. You just might be hearing the term thrown around a bit more when compliance and risk issues crop up.

Related Articles:
CFOs face complex GRC software decisions
Carnival: A GRC case study
Best practices for GRC implementations

SHARE WITH:
Email Twitter Facebook LinkedIn StumbleUpon
Get Your FREE FierceComplianceIT Email Newsletter:
Be the first to comment

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.