Critical Platform Capabilities For IT GRC Solution

The intent of using IT Governance Risk Compliance (IT GRC) tools and capabilities is to report and manage IT Risks. We will study the critical platform capabilities for IT GRC Tools.

8669801079?profile=original

Critical Platform Capabilities In IT GRC Solution

  • IT Risk Management
  • IT Asset Management
  • Policy Management
  • Social Media Risk Management
  • IT Vendor Risk Management
  • 3rd party Vendor Integrations
  • Incident tracking & management
  • Customizable Reports and Dashboards
  • Customizable Workflows
  • Security Monitoring & Overview
  • Disaster Recovery & Business continuity management
  • IT GRC Elements Mapping / Cross Mapping and Interlinks between modules
  • Integration with Enterprise IT – SSO (with RBAC), DBMS, HRMS etc.
  • Survey creation & distribution (with or without access to GRC platform)
  • Pre-packaged content (Policies, Controls, Procedures, Risk Register, Metrics (KRIs, Security etc.) Assessment Questionnaire etc.)
  • Integration with Cloud and BYOD

The major areas under consideration should be the IT Risk Mapping, Ability To Track Risk and Estimate it, Presenting of the data in Dashboard/Reports.

( Read More: Free Resources For Kickstarting Your IT-GRC Program )

Few Questions to assess an IT GRC Vendor

  • Do they have Proof Of Concept support? Timeline?
  • What are the added costs?
  • Scope of expansion of IT GRC Product? Can the vendor support expand into Enterprise and Legal GRC?
  • What is the feedback of real users? Ask your colleagues
  • What are the supported OS,Cloud and Mobile?
  • What are the liabilities they entail? Have the contract well checked for adverse situations. 

( Read More: Incident Response: How To Respond To A Security Breach During First 24 Hours (Checklist) )

Reference

1. Extracts have been taken from IT GRC Workshop, Decision Summit, Delhi 2015 by Ravi Mishra

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Virtual Summit - Best Of The World In Security 2021

  • Description:

    This conference celebrates the foremost security researchers and trainers in the world. This is co-hosted by CISO Platform and SACON with 40,000+ global security professionals. Our vision is to promote collaborative and cooperative learning with the best of the minds in Cyber Security.

    Link to register : https://event.cisoplatform.com/top-100-award-annual-summit-2021/

  • Created by: pritha