Gartner Blog Network

Category: 'it-grc' Blog Posts

from the Gartner Blog Network

CERT IT Risk Podcast

by Erik Heidt  |  March 26, 2014

Julia Allen invited Ben Tomhave and I to collaborate with her on a podcast for CERT "Comparing IT Risk Assessment and Analysis Methods" (link).  (Note, there is a full transcript...

Read more »

New Self-Audit Toolkit

by Erik Heidt  |  September 25, 2013

In "Achieving IT GRC Success", Gartner recommended that enterprises consider six core activities in the Execution phase of the IT GRC practice. These included: Risk Assessment KRI Measurement and Management...

Read more »

Effective Selection and Implementation of IT GRC Solutions

by Erik Heidt  |  September 20, 2013

The basic question is, how do you select tools to support your IT Governance, Risk Management and Compliance (IT GRC) needs? This has been a major focus for my research...

Read more »

Relativistic Control Theory

by Erik Heidt  |  September 19, 2013

A few weeks ago I had the pleasure of attending a roundtable of IT Risk Managers. Most of the participants were folks involved in day-to-day risk and governance in financial...

Read more »

Add some IT GRC to your Catalyst! (or cloud, or crypto)

by Erik Heidt  |  July 18, 2013

Late breaking news: Just this week the opportunity to present an IT GRC session at Catalyst came up! As a result I will be presenting a 45 minute session discussing...

Read more »

Two Inconvenient Truths about IT Compliance

by Erik Heidt  |  May 17, 2013

I am very pleased to announce that my first document Achieving IT GRC Sucess has published this week and is now available to Gartner for Technical Professionals subscribers. The research and...

Read more »