GRC in the NextGen Data Center standard

The new data center is service oriented and less focused on the physical assets when compared to virtualized and utility computing that may or may not be on-premises. This makes GRC a bit more challenging as the governance piece slips out of the direct control of the IT organization and compliance requirements increase in numbers and the sheer amount of stuff required to demonstrate your compliance. In order to have a healthy GRC function in your IT environment, you must have an IT GRC platform that: Define IT policies and controls based on external and internal requirements Manage policy content Map policies to technical and process controls Evaluate IT risk Automate the auditing and regulatory reporting Keeping in mind that ...
Continue Reading