
Gunnar Assmy - Fotolia
GRC 2015: What do you hope to achieve this year?
A new year means a fresh start. In this #GRCChat recap, participants assess their current IT challenges and share their GRC 2015 resolutions.
It's that time of year again: your chance not only to make, but to follow through on, your New Year's resolutions. That might include jumpstarting projects you've sidelined, improving operational practices or fixing any flaws in your risk management strategy.
What resolutions top your governance, risk and compliance (GRC) to-do list for 2015? After reflecting on some of their regrets in 2014, participants in our year-end #GRCChat revealed the GRC 2015 resolutions they hope to see through in the coming months.
Improved security measures -- including better passwords and user-training practices -- were quickly posited as a resolution by SearchCompliance Site Editor Ben Cole and other participants:
A2 Be better about using unique passwords/updating them frequently – simple measure to protect online info but most never do it #GRCchat
— Ben Cole (@BenjaminCole11)
December 18, 2014
A2 Biz should train end users on their role security- they're the first line of defense, IT can't have eyes everywhere #GRCchat
— Ben Cole (@BenjaminCole11)
December 18, 2014
@BenjaminCole11 very true; many co.s tend to underestimate the human factor in security #grcchat
— Fran Sales (@Fran_S_TT)
December 18, 2014
SearchCompliance's Senior Managing Editor Rachel Lebeaux touched off a discussion of shadow IT, the hardware or software not supported by an organization's IT department. Shadow IT has been approached as "the enemy" for years, but now more organizations are sidelining their battle against shadow users in order to better communicate with, integrate and educate employees on the matter:
@ITCompliance A2 I hear organizations are aiming to bring #shadowIT into the fold so IT knows what's going on, fewer #GRC concerns. #GRCChat
— RachelTT (@RachelatTT)
December 18, 2014
Better clarification of National Institute of Standards and Technology (NIST) governance standards around security and privacy made one participant's GRC 2015 resolutions list:
Q2: We are planning to improve & deepen governance visibility in the NIST security and privacy drafts. Vers 1 RFI due Feb 2015 #grcchat
— knowlengr (@knowlengr)
December 18, 2014
A2: As M&A wraps up, try to advance the GRC cause in whatever job I have next. #grcchat
— Forvalaka41 (@Forvalaka41)
December 18, 2014
In TechTarget's 2014 IT Salary and Careers survey, IT professionals ranked big data as their third-highest project priority for 2015. But big data poses compliance challenges due to its sheer volume, complexity and lack of consistent structure. One participant hopes to get a better hold of big data and open data compliance in 2015:
A2 #BigData compliance is still dicey for hybrid, federated, multi-owner, multi-custody datasets. See also #opendata #grcchat
— knowlengr (@knowlengr)
December 18, 2014
What are your GRC 2015 resolutions? Sound off in the comments section below.