The core concept behind IT governance is making sure that organizations align business strategy with IT strategy. This means that goal of IT governance is ultimately to ensure that the processes governing evaluation, selection, prioritization, and funding of competing IT investments are driven by the overall business.
There are two distinct phases of IT governance: the first is determining what the IT organization works on, and this is driven by the business. The second is determining how the IT organization supports the business goals of the organization, which is a CIO responsibility.
An IT governance framework puts mechanisms in place to measure how the IT department is functioning overall, what are the key management metrics, and what return IT is giving back to the business from the investment it’s making.
IT governance is usually accompanied by processes to manage risk across the enterprise and also to ensure compliance with multiple regulations including Basel II, SOX and additional financial reporting, data privacy, and industry regulations.
Workforce mobility and the rise of cloud services is an essential part of any business, but it creates a number of challenges for IT. Data spread across devices and cloud services, unpredictable schedules, and varied network connections all complicate efforts to protect and govern enterprise info...
Forcepoint DLP promises to address human-centric risk by providing visibility and control everywhere your people work and everywhere your data resides. Security teams apply user-risk scoring to focus on the events that matter most and to accelerate compliance with global data regulations. The ve...
RSA Archer, from the security, governance, and risk division of RSA Security is an integrated risk management / GRC platform.
Many organizations that use Office 365 are exposed to security risks that they are unaware of. As they extend SharePoint to meet their business needs, they build applications using technologies that range from end-user Microsoft Flow to developer-focused SharePoint Framework. Unfortunately, all o...
D&B Credit is a global, cloud-based risk management solution fueled by Dun & Bradstreet’s industry-leading data and analytics. With powerful portfolio segmentation tools, configurable alert monitoring, and easy-to-read digital credit reports, finance and credit professionals can work more...
Mitratech PolicyHub is a policy management solution designed to create, update, approve and communicate policies to automated knowledge assessments, audit and reporting,
Wdesk from Workiva is a cloud platform designed to provide collaboration, data integration, and an audit trail. Wdesk helps mitigate risk, and improves productivity
BWise is an Governance, Risk Management, and Compliance (GRC) platform formerly owned and supported by Nasdaq, acquired by SAI Global in April 2019.
MEGA International headquartered in France offers enterprise architecture management and modeling software, and a governance, risk management, and compliance (GRC) platform.
ServiceNow Governance, Risk, and Compliance provides the tools businesses use to proactively manage risk by measuring, testing and auditing internal processes. This solution helps business users ensure compliance to regulations, policies, standards and frameworks.
Compliance 360 is a governance, risk management, and compliance (GRC) platform offered by SAI Global headquartered in Sydney, Australia since the 2012 acquisition.
HighBond is a Governance, Risk Management, and Compliance Platform from Galvanize, the company formed from the merger of Rsam and ACL Services, headquartered in Vancouver.
The MetricStream GRC Platform M7, from MetricStream in Palo Alto, California is a Governance, Risk Management, and Compliance (GRC) platform supplying a technology infrastructure for deploying GRC apps configurable to meet the needs of the enterprise.
SAP's BusinessObjects GRC is a governance, risk management, and compliance platform.
Qualys Policy Compliance (PC) from Qualys in Redwood City, California is a Governance, Risk Management, and Compliance (GRC) Platform.
The Symantec Control Compliance Suite is a Governance, Risk Management, and Compliance (GRC) Platform.
Riskonnect is an Integrated Risk Management platform. Riskonnect products are all connected, allowing users to navigate to review, analyze, and report from a single interface.
SAP Audit Management streamlines internal audit activities with mobile capabilities. The product enables documentation of evidence, organization of work papers, and creation of audit reports. It can be deployed on premises or in the cloud.
PolicyManager is a web-based enterprise policy and procedure management platform designed for healthcare. The platform allows hospitals and integrated healthcare delivery networks to streamline, consolidate, standardize and centralize all policies in one electronic repository. According to the ve...
Crownpeak, headquartered in Denver, offers their Consent suite of products, applications designed to support brands in maintaining compliance with local and global privacy laws (e.g. GDPR). The platform features easy opt-in and opt-out, notice and consent gateways, customizable banners, and more.
SEON Technologies provides a platform designed to help online businesses reduce the costs, time, and challenges faced due to fraud. The vendor says their platform can help global financial companies as well as small eCommerce organizations simplify fraud management so they can focus on what matte...
IBM OpenPages is a governance, risk management, and compliance (GRC) platform.
TruComply is a Governance, Risk Management, and Compliance (GRC) platform developed by ANX and supported by OpenText since the company acquired ANX in 2016.
Global company ControlCase headquartered in McLean, Virginia offers a Governance, Risk Management, and Compliance (GRC) Platform.
