There is no shortage of tools to help financial services firms automate their governance, risk and compliance (GRC) requirements. Gartner Inc. earlier this year estimated the total market for GRC tools at $117 million in 2009, and predicted that it will have steady but slow growth for the near term. Many IT and risk managers get their start with GRC analysis by using a simple spreadsheet to track risks and security policies. But that isn’t a very scalable or reliable approach, and it is very labor-intensive and error-prone.
A better strategy is use some sort of automated GRC tool, and I take a look at how you can evaluate these tools for an article that I wrote for SearchFinancialSecurity over at TechTarget here.