Technology Innovator in IT GRC Management
Executive SummaryWhen organizations approach IT GRC in scattered risk assessments that lack consistency in measurement and reporting there is no possibility to be intelligent about IT GRC decisions that impact the broader organizations and its operations. Organizations need an IT GRC risk management function that delivers consistency and agility in risk measurement. Managing risk is a unique process because every business is different. There are some general risk management activities companies must do, but once they get down to the detail level, companies often employ their own risk calculations. To date, this has been very complex for GRC solutions to solve. Most platforms easily permit users to create complex multi-calculation formulas (calc on calc), but order of operations in these formulas are not consistently enforced. This means users often receive the wrong risk results and different users and departments have varying, conflicting, and non-consistent approaches. Risk measurement then becomes subjective and the organization compares apples to oranges. Lockpath has solved the problem majority of GRC users experience in the marketplace with the re-engineered, patent pending, Keylight Formula Engine. In this context, GRC 20/20 has recognized Lockpath Keylight Formula Engine with a 2017 GRC Innovation Award for the best innovation in IT GRC Management.
Table of Contents
- Complexities of IT GRC Challenge Organizations
- Lockpath Keylight Formula Engine
- Innovation in IT GRC Management
- What Keylight Formula Engine Does
- Benefits Organizations Have Received with Keylight Formula Engine
- Considerations in Context of Lockpath Keylight Formula Engine
- About GRC 20/20 Research, LLC
- Research Methodology
AuthorMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
©GRC 20/20 Research, LLC. All Rights Reserved. No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of GRC 20/20 Research, LLC. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines established in client contract. The information contained in this publication is believed to be accurate and has been obtained from sources believed to be reliable but cannot be guaranteed and is subject to change. GRC 20/20 accepts no liability whatever for actions taken based on information that may subsequently prove to be incorrect or errors in analysis. This research contains opinions of GRC 20/20 analysts and should not be construed as statements of fact. GRC 20/20 disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. Although GRC 20/20 may include a discussion of related legal issues, GRC 20/20 does not provide legal advice or services and its research should not be construed or used as such.[/vc_column_text][/vc_column][/vc_row]