How to Select the Right GRC Solution for Your Organization

Recorded: May 17 | 2012

Governance, risk management and compliance (GRC) processes are extensive; they are how an organization is directed and managed to achieve goals, considering risks to achievement, and complying with applicable laws and regulations.

Issues around information have become central to organizational strategies and GRC software is needed in organizations, and investment in these areas has been increasing. The GRC software space is vast with over 400 GRC software providers that span multiple categories and sub-categories of GRC related software.

Implementing a solution can be a lengthy and costly exercise, so it is imperative to choose carefully from the large number of options in the market. The issue is sifting through all the vendors with their offerings to find the one that best fits your organization. Buyers should have a clear understanding of their organizations functionality requirements, and a strategy in place for selecting the right partner. Join this webcast, and learn how to choose the right GRC solution for your organization as our experts discuss:

How to understand your organizations functionality needs.
Guidance for selecting the right partner including examples of good RFP questions.
How to sift through the different solutions and make weighted assessments against solution criteria.
Core maintenance and ongoing feeding requirements.

Brandon Dunlap is the Managing Director of research at Brightfly and the Moderator of this event. He has more than 15 years of experience managing business technology risk in large and small organizations. He has served in a variety of roles across heavily regulated industries, successfully leading all aspects of IT security programs, including policy and procedure management, oversight and control, strategy, architecture, development, and training. Currently, he is the Managing Director of Research of Brightfly, an independent, advisory and research firm that focuses on building a collaborative IT practitioner communities and bridging the gaps within information technology, security, risk, compliance, and audit disciplines.

Chris McClean contributes to Forrester's offerings for the Security & Risk professional, leading the company's coverage of governance, risk, and compliance (GRC). He is also a thought leader on the related issues of corporate social responsibility (CSR) and sustainability. He is a frequent speaker on these subjects at vendor events as well as conferences run by industry organizations such as the Risk Management Association. He has also been interviewed by top media outlets such as CFO Magazine, Compliance Week, CRO Magazine, and Treasury & Risk Magazine. Chris serves Forrester clients with research on GRC and CSR strategy, organization, best practices, and technologies, and he is a frequent speaker on these subjects at industry and vendor events. Before coming to Forrester, his background was in marketing for security and risk management vendors, representing a broad range of market segments, such as compliance management, vulnerability management, digital forensics, and security information management.

Ben Tomhave is the Principal Consultant at LockPath. Ben (MS, CISSP) helps global enterprises, SMBs and service partners unlock the real promise of integrated governance, risk and compliance in his current role as Principal Consultant for LockPath, a market-changing GRC software company. A distinguished author and experienced speaker, he currently serves on the OWASP NoVA chapter board, the Society of Information Risk Analysts board, and as the co-vice-chair of the ABA InfoSec Committee. He is also a member of ISSA and the IEEE Computer Society, and earned a MS in Engineering Management from The George Washington University with an InfoSec Management concentration.

Jean-Marie Zirano defines and manages MEGA's product strategy. Jean-Marie started his career as a MIS consultant with Andersen Consulting, working for retail, manufacturing and utilities companies. Jean-Marie then joined CGI (now IBM), Platinum Technology and Computer Associates in product line management positions. At MEGA since 2000, Jean-Marie helped boost the company's international growth. As VP – Business Development, he extended the reach of MEGA worldwide. Appointed VP – Product Management, he strengthened and extended MEGA's solutions from enterprise architecture to enterprise-wide GRC initiatives. In his current VP – Product Strategy role, Jean-Marie works closely with global companies willing to improve operational excellence, to provide them with holistic solutions covering enterprise architecture, risk management, governance and compliance programs.