The GRC market jump-started with the passage of Sarbanes-Oxley (SOX) and in particular the need to deal with Section 404 of SOX-the requirement for companies to check the effectiveness of internal controls and procedures for financial reporting. It went into high gear in the wake of the mortgage crisis, which exposed the failure of many existing risk management systems in the financial sector. Now, in anticipation of new fiscal regulations that are likely to result from the almost unimaginable mortgage and banking failures plus other factors such as the growth of corporate social responsibility, the GRC business will continue to boom.

Business imperatives, increased regulatory pressure, and customer demands are forcing many CIOs to adopt a structured, enterprise wide approach to GRC. Today, organizations are developing a unified GRC strategy that directs people, standardizes processes, and integrates technology to solidify GRC at every level within an organization. IT governance, IT risk management, and IT compliance (IT GRC) are three distinct disciplines that in the past have existed in silos within organizations; however executives no longer see these activities as individual, one-time projects handled in separate parts of the IT organization. Rather, they are finding that there are a lot of commonalities and interrelationships that exist between these three areas. By adopting a unified IT GRC approach and by managing the associated activities coherently organizations are creating efficiencies, providing a holistic view of the IT environment, and ensuring accountability. However, this is no straight forward task and the direction taken by the strategists can depend on the industry specific regulations and the solutions available.

Industry Specific Regulations:  


Energy & Utilities


Public Sector

·         Basel II

·         FDICIA

·         GLBA

·         AML

·         SOX

·         FFIEC

·         ISO 27002


·         FERC

·         NERC

·         NRC guidelines

·         M&A regs

·         SOX

·         ISO 27002

·         HIPAA

·         FDA

·         OSHA

·         ISO 27002

·         FISMA

·         COG

·         ISO 27002

In addition there is currently a lot of confusion on what exactly IT GRC is and what subcomponents to consider while establishing a program. And, with a large number of vendors in the IT GRC market, determining the best product for any given business problem can be challenging.

The IT GRC Forum strives to clear the fog by defining a roadmap for IT GRC strategies, through bringing together industry analysts, solution providers and GRC strategists to enable communication and learning of best practices. Through this integrated media platform we offer a user friendly interface for anonymous discussion and networking with peers, and provide a wealth of organized information to assist the IT GRC decision maker. We provide educational clarity to strategists through a categorized media archive, which aligns expert market intelligence to recommended technology solutions. Through the IT GRC Forum we will supply senior-level executives and IT professionals with the most current industry research and real-life business experiences to address the needs of this ever changing marketplace.

Benefits of Membership
  •  Connects you to GRC Professionals; peers and IT experts.
  •  Social Networking facility to share best practices, in the community forum or on a one to one basis.
  •  FOC facility to create private blogs (visible to all users).
  •  Provides expert market intelligence to help you make informed market decisions.
  •  FOC access to our categorized archive of articles, whitepapers, case-studies, podcasts and webcasts.

Get Started
First you should
Create an account to experience all of the features of the IT GRC Forum. You will be asked to provide your email address, choose a username and password, and provide some basic job and company information (optional). You do not have to list personal information on your member's profile although this may help you to network with other members.

Confirm Registration
Next you will receive an email from us asking you to confirm your registration to, click the link and you're set! 

Our Production Department adds new pieces of original editorial content weekly and you will be notified to new content through e-newsletter communications. All site content is indexed continually and made available to registered users.

Log in

Please Login to download this file

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Go to top