The new data center is service oriented and less focused on the physical assets when compared to virtualized and utility computing that may or may not be on-premises. This makes GRC a bit more challenging as the governance piece slips out of the direct control of the IT organization and compliance requirements increase in numbers and the sheer amount of stuff required to demonstrate your compliance.

Data Represented in an Interactive 3-D Form, by Idaho National Laboratory

In order to have a healthy GRC function in your IT environment, you must have an IT GRC platform that:

  • Define IT policies and controls based on external and internal requirements
  • Manage policy content
  • Map policies to technical and process controls
  • Evaluate IT risk
  • Automate the auditing and regulatory reporting

Keeping in mind that the last one is the “Self-Actualizing” GRC function atop the Maslow Hierarchy of Needs for any IT organization. Are you tired of being beaten to death by audits? That’s how you fix it.

This is where RSA’s Archer and its integration with EMC’s Network Configuration Manager, Storage Configuration Advisor, and VMware’s vCenter Configuration Manager can be a real needle-mover for your organization. Not only can it help you stop atop of the hierarchy of IT GRC needs, it can save your organization a ton of money and provide a real-time view into your current status to your executives.

Want more info? Stop by the RSA, EMC, or VMware booths in the Expo Hall!

This post originally appeared on

Possibly Related Posts: