Aberdeen Group Survey Confirms that IT GRC Software Critical to Successful
Survey reveals IT GRC reduces costs while dramatically improving performance
(PRWEB) February 23, 2010 -- Regulatory compliance pressures, high profile identity theft cases, and recent
economic events have led to heightened awareness of the importance of sound risk management. Organizations
seek to establish a consistent approach to risk management, establish baselines for determining acceptable risk,
and better prioritize risks for remediation.
Results of the Aberdeen Group IT Security: Balancing Enterprise Risk and Reward study, sponsored by TruArx,
reveal that organizations with best-in-class risk management programs are more than four times as likely as other
organizations to use centralized, automated systems for governance, risk, and compliance.
Key Findings of the Study
Aberdeen’s research shows that companies which use IT GRC software solutions derive the following benefits:
- Identify and assess risk more effectively
- Increase management visibility into current risk status
- Communicate risks to key stakeholders more clearly
- Translate risk assessment data into actionable recommendations, and make faster decisions based on changes in
Further, IT GRC software allows them to execute risk management processes more efficiently, reducing
operational costs, specifically:
- Eliminated approximately 10% of redundant risk management processes and activities
- Converged stove-piped risk management practices, reducing associated operating costs by 6.4%
"Aberdeen's research confirms that IT GRC frameworks and technologies are invaluable tools, which are being
used to help businesses manage successfully in the face of uncertainty and risk," said Derek E. Brink, vice
president and research fellow for IT Security, Aberdeen Group. "The top performers are successfully leveraging
these tools as part of a risk-based, policy-based approach to balancing enterprise risk and reward."