For all organizations with current or planned initiatives in the area of IT governance, risk management, and compliance (IT GRC), this report describes the policy, planning, process, and organizational elements of successful implementations.

May 2009 - Organizational exposure to compliance risk is rising while the cost of compliance soars. Additionally, the ad hoc, reactive approach to compliance brings complexity, forcing business to be less agile. Organizations typically address compliance as singular issues and obligations; as a result they have multiple initiatives working in isolation to respond to each regulatory requirement.

Published: Jan 09 - Organizations are in an ongoing eff ort to achieve sustainability, consistency, transparency, accountability, and effi ciency across risk and compliance initiatives. The fact of the matter is: organizations need complete visibility into the portfolio of risks spread across distributed and complex business processes and relationships.