AvePoint
Resources Blogs The Art of Leveraging Governance, Risk, and Compliance Technology

The Art of Leveraging Governance, Risk, and Compliance Technology

author
calendar10/27/2014
clock 2 min read
feature image
I recently contributed an article for WallStreet & Technology discussing how financial organizations can enhance trust, accountability, and transparency through the proper use of Governance, Risk, and Compliance technology. Following the media frenzy around the data breaches at Experian and Home Depot, organizations are facing heightened demand for data privacy and compliance regulation. In Grant Thornton LLP's survey of more than 400 chief audit executives from US organizations, 31 percent of respondents ranked compliance risks as their top concern, and 42 percent believe that data privacy has the most potential to impact company growth. Despite these findings, only 29 percent of respondents are using a governance, risk, and compliance tool, and only 22 percent believe their organization is leveraging GRC technology effectively. Why is there such disconnect between what is important and what is occurring? Businesses often create policies, practices, and controls without a true understanding of life on the ground in the company. In the article, I discuss the benefits of implementing compliance technology, but also ways to choose the correct tool for an organization’s unique needs. The most important GRC technology features are able to:
  • Discover data across multiple gateways to shed light on dark data and other potential risks.
  • Scan content in motion or at rest against out-of-the-box or customized checks for a wide range of privacy, information assurance, operational security, sensitive security      information, and accessibility requirements.
  • Drive enterprise classification and taxonomy with user-assisted and automated classification for all content.
  • Take corrective action automatically to secure, delete, move, quarantine, encrypt, or redact risk-defined content.
  • Enhance incident tracking and management with an integrated incident management system, in addition to trend reports and historical analysis to measure improvements over time.
  • Monitor data and systems on an ongoing basis to demonstrate and report on conformance across your enterprise wide information gateways and systems.
To read more about how financial organizations can properly implement GRC technology, please visit WallStreet & Technology. To learn how AvePoint helps organizations implement the compliance and risk management technology for their unique needs, please visit our website.
author

Dana Simberkoff

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She oversees a global team of subject matter experts who monitor industry trends, emerging technologies, and best practices in risk management and compliance. Dana also provides strategic guidance on product direction, technology enhancements, customer challenges, and market opportunities, partnering closely with internal and external executive stakeholders. Dana is an industry leader, previously serving on the Education Advisory Board for the International Association of Privacy Professionals (IAPP) and as a founding member of the Women Leading Privacy Advisory Board. Dana has been featured in the Wall Street Journal, Forbes, Security Magazine and more, and is consistently recognized by organizations like IDC and CSO as an influential woman in cybersecurity. Dana holds a Bachelor of Arts degree from Dartmouth College and a Juris Doctor from Suffolk University Law School.

AvePointcomplianceGovernanceTips & Tricks