By Stephen Walker, Aberdeen Group
Organizations have been aggressively discussing “aligning IT to business” as a key strategy since the inception of the Information Technology (IT) department. The frequency and urgency of these discussions has increased significantly as heightened competition across a globalized economy has shifted the speed of business into overdrive. In addition to achieving and consistently providing documentary evidence of compliance with a growing number of regulatory mandates while attempting to manage the increasing scope and complexity of risks (from outside attack to insider abuse and everything in-between), IT departments are under greater pressure than ever to respond to business demands in tighter time-frames.
Recent research from Aberdeen Group's July 2008 benchmark report, Is Your GRC Strategy Intelligent? Analytics for Accurate Real-Time Visibility and Decision Making, reveals that alongside new and changing regulatory mandates (37%) and the need to better manage and mitigate business and operational risks (48%), one of the top three macro-economic pressures driving investment in Governance, Risk management, and Compliance (GRC) technologies and services is the need to improve operational efficiencies in IT and business activities (Figure 1).
Figure 1: Top Pressures Driving Risk and Compliance Investments
Source: Aberdeen Group, December, 2008