ID Number: G00224672



IT Governance, Risk, and Compliance Management Solutions
28 December 2011
 
Trent Henry  

By coordinating policies, risks, and both technical and nontechnical control assessment, IT governance, risk, and compliance (IT-GRC) solutions provide IT and security organizations with a more efficient means to monitor compliance and risk. Maturing tools provide improved value, but the market is slowly converging with enterprise GRC capabilities, resulting in a still-evolving space.





*
Unavailable for individual purchase
For information on how to gain access to this and other documents,
click here.








Document History


Browse Topics


Other Options







Contact Gartner




For information on how to gain access to this and other documents, click here.
 You or your organization may already own this document. Register now to find out. Your Gartner Membership Administrator can supply the needed License Key(s).
You will not lose your document during registration.
Sign in here:
Username:

Password:
Forgot your username
or password?







This document is not available as part of your current Gartner subscription. For pricing and availability of the full document, please contact your Gartner account representative. Your account representative can also give you more information about your current subscription and other access options that may be available to you. If you do not have a Gartner account representative, call +1 203 316 1200 for assistance.

Table of Contents

Contents
  • Summary of Findings
  • Analysis
    • Driving Questions
    • Risk, Compliance, and Process
    • Solution Features
      • Organizational Security Policy Management
      • Knowledgebase of Regulations and Control Standards
      • Controls and Policy Mapping
      • Technical Infrastructure Assessment
      • IT Control Self-Assessment and Measurement
      • Remediation and Exception Management
      • IT Compliance Dashboards and Reporting
      • IT Risk Evaluation
    • IT-GRC Architecture
    • Assessment and Validation
    • Market Landscape
      • Technology and Market Trends
      • Market Dynamics
    • Customer Perspectives
      • Anticipate Professional Services
      • Policy Management Is Challenging
      • Buy Over Build
      • Implementation Is a Long Journey
    • Strengths
    • Weaknesses
  • Recommendations
    • Complete Your Homework to Breed Success
    • Poll the Broader Organization
    • Heed Nontechnical Controls
    • Understand the Role of Numbers
    • Evaluate Knowledgebase Origin
    • Face the Reality of Risk Responsibility
    • Reach Out to Risk Management Peers
  • The Details
    • Vendors
      • Agiliance
      • Archer (EMC/RSA)
      • Brinqa
      • ControlCase
      • MetricStream
      • Modulo
      • Rsam
      • Symantec
    • Other Solutions
  • Recommended Reading
Tables
Table 1.
Validation of Different Controls
Table 2.
Agiliance Solution Features
Table 3.
Archer Solution Features
Table 4.
Brinqa Solution Features
Table 5.
ControlCase Solution Features
Table 6.
MetricStream Solution Features
Table 7.
Modulo Solution Features
Table 8.
Rsam Solution Features
Table 9.
Symantec Solution Features
Figures
Figure 1.
Notional IT-GRC Architecture
Figure 2.
Nuances to Assessment and Validation
Figure 3.
Solution Landscape for IT-GRC
Figure 4.
Agiliance Architecture
Figure 5.
Archer Architecture
Figure 6.
Brinqa Architecture
Figure 7.
ControlCase Logical Architecture
Figure 8.
MetricStream Architecture
Figure 9.
Modulo Architecture
Figure 10.
Rsam Logical Architecture
Figure 11.
Symantec Architecture


Document History:
 
IT Governance, Risk, and Compliance Management Solutions
28 December 2011
  
Security Compliance Orchestration: A Market Emerges Out of the IT-GRC Fog
8 August 2008
  




Browse Topics:
 
Governance, Risk and Compliance Management
Security Management




© 2011 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.




Resource Id: 1884814