The role of content in GRC strategies, solutions, and architecture is becoming significant. Organizations find that they need access to risk and compliance intelligence updates, regulatory changes, risk libraries, control libraries, audit templates, sanction and watch lists, sample policies, and more. GRC technology solutions are often differentiating themselves by their ability to provide and integrate a range of content offerings into their solution to provide complete situational awareness in a dynamic business environment. However, the breadth and depth of content offerings is a maze that organization navigate.
GRC 20/20 has mapped over 145 providers of GRC Intelligence, Content & Knowledge offerings with a combined total of more that 450 content offerings. Some of these are easily integrated into a range of technology solutions, while others are tightly bound to their own technology.
In the Research Briefing, 2018 Market Overview: GRC Intelligence & Content Solutions, GRC 20/20 details the current drivers and trends for GRC related content and intelligence, provides a breakdown of GRC content categories and segmentation, lists GRC content providers by segmentation, and provide recommendations and considerations to organizations when evaluating solutions and offerings in context of GRC related intelligence and content content.
GRC Content & Intelligence solution segmentation, drivers, trends, and listings of specific content solutions will be discussed in the following areas:
- Audit Template & Workpaper Libraries
- Benchmarking Solutions
- Control Libraries
- Compliance Forms & Templates
- Due Diligence & Financial Monitoring
- EH&S Libraries
- Geo-Political Risk Monitoring
- Industry Risk & Regulatory Reporting
- Legal Cases & Analysis
- Loss & Incident Databases
- Negative News Monitoring
- Policy Libraries
- Regulatory Intelligence (actionable insight on reg change, not just a library)
- Regulatory Libraries
- Reputation & Brand Monitoring
- Risk Libraries (including KRI, risk registers)
- Risk Forms & Templates
- Sanction / Watch Lists (including PEP lists)
- Third Party Forms & Templates
- Third Party Monitoring
- Third Party Shared Assessments
- Threat & Vulnerability Monitoring
- Training Libraries
Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
©GRC 20/20 Research, LLC. All Rights Reserved.
No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of GRC 20/20 Research, LLC. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines established in client contract. The information contained in this publication is believed to be accurate and has been obtained from sources believed to be reliable but cannot be guaranteed and is subject to change. GRC 20/20 accepts no liability whatever for actions taken based on information that may subsequently prove to be incorrect or errors in analysis. This research contains opinions of GRC 20/20 analysts and should not be construed as statements of fact. GRC 20/20 disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. Although GRC 20/20 may include a discussion of related legal issues, GRC 20/20 does not provide legal advice or services and its research should not be construed or used as such.