Gunnar Assmy - Fotolia
It's that time of year again: your chance not only to make, but to follow through on, your New Year's resolutions. That might include jumpstarting projects you've sidelined, improving operational practices or fixing any flaws in your risk management strategy.
What resolutions top your governance, risk and compliance (GRC) to-do list for 2015? After reflecting on some of their regrets in 2014, participants in our year-end #GRCChat revealed the GRC 2015 resolutions they hope to see through in the coming months.
Improved security measures -- including better passwords and user-training practices -- were quickly posited as a resolution by SearchCompliance Site Editor Ben Cole and other participants:
A2 Be better about using unique passwords/updating them frequently – simple measure to protect online info but most never do it #GRCchat— Ben Cole (@BenjaminCole11) December 18, 2014
A2 Biz should train end users on their role security- they're the first line of defense, IT can't have eyes everywhere #GRCchat— Ben Cole (@BenjaminCole11) December 18, 2014
SearchCompliance's Senior Managing Editor Rachel Lebeaux touched off a discussion of shadow IT, the hardware or software not supported by an organization's IT department. Shadow IT has been approached as "the enemy" for years, but now more organizations are sidelining their battle against shadow users in order to better communicate with, integrate and educate employees on the matter:
Better clarification of National Institute of Standards and Technology (NIST) governance standards around security and privacy made one participant's GRC 2015 resolutions list:
Q2: We are planning to improve & deepen governance visibility in the NIST security and privacy drafts. Vers 1 RFI due Feb 2015 #grcchat— knowlengr (@knowlengr) December 18, 2014
A2: As M&A wraps up, try to advance the GRC cause in whatever job I have next. #grcchat— Forvalaka41 (@Forvalaka41) December 18, 2014
In TechTarget's 2014 IT Salary and Careers survey, IT professionals ranked big data as their third-highest project priority for 2015. But big data poses compliance challenges due to its sheer volume, complexity and lack of consistent structure. One participant hopes to get a better hold of big data and open data compliance in 2015:
What are your GRC 2015 resolutions? Sound off in the comments section below.