Home > Information Security Magazine > Features > GRC Tools Help Manage Regulations
EMAIL THIS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

GRC Tools Help Manage Regulations
by Diana Kelley & Ed Moyle
Issue: Jun 2008
printer-friendly
< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   7  |   8  |   9  |   10  |   11  |   NEXT PAGE  >

One Size Doesn't Fit All
Each of the products we looked at interprets governance, risk and compliance in a different way and has a feature set tailored to its vision. Archer emphasizes regulatory compliance, most useful for the compliance or security group in a heavily regulated industry. Modulo focuses on risk management, which is of special value to the auditor or consultant out in the field validating organizational compliance to controls. Symantec focuses on technical control validation, most useful to information security technical personnel.

But in order to know how the vendor interprets the GRC vision, you must look beyond the marketing. All of these products are marketed similarly; they get coverage from analysts in the same reports and they're lumped together in the industry press. But they're really very different.

What does that mean to the industry? Maybe we should start segmenting the GRC market to reflect the fact that these products aren't the same. What does it mean for GRC vendors? Maybe it's not a threat if your product doesn't do exactly the same thing as the other guy's product. And what does that mean for the consumer? It means you need to be extra careful before you buy: Make sure your vendor's vision of the market aligns with yours, and that the product you're buying does what you think it will.

[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] Security7Awards [IMAGE]
...



[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
It's Time to recognize the industry's Best
Information Security magazine and SearchSecurity.com will honor innovative security practitioners in seven vertical markets this fall with our annual Security Seven Awards. The awards, to be handed out at the Information Security Decisions conference in Chicago and featured in the magazine's October issue, will recognize the efforts, achievements and contributions of practitioners in financial services, telecommunications, manufacturing, energy, government, education and health care.

While vendor executives are not eligible, we're inviting you to nominate your most innovative practitioners. Nominees must have made a noteworthy contribution to their organizations or the security community in areas including research, product development and standards.

Download the nomination form at
www.searchsecurity.com/securityseven

and email it to
securityseven@infosecuritymag.com.

Nomination Deadline: June 25

[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE]
< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   7  |   8  |   9  |   10  |   11  |   NEXT PAGE  >





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts