Gartner Blog Network

Security and Risk Management Budget Survey

by French Caldwell  |  January 8, 2009  |  1 Comment

From my colleague Paul Proctor:

With some notable exceptions, it looks like security and risk management budgets are going to be flat or go up slightly in 2009. However, the global economic climate reduces the value of 2009 budget data collected before October 2008. Help Gartner get the latest information on your organization and we’ll publish the results.

Please take this 5 minute survey on 2009 budget impact.   Thanks.


French Caldwell
VP and Gartner Fellow
15 years at Gartner
19 years IT industry

French Caldwell is a vice president and Gartner Fellow in Gartner Research, where he leads governance, risk and compliance research. Mr. Caldwell also writes and presents on knowledge management. His research includes analysis of the impact… Read Full Bio

Thoughts on Security and Risk Management Budget Survey

  1. N. Renzullo says:


    Compliance — and worse GRC — is like the proverbial blind men and the elephant when it comes to defining practical entrypoints for selling solutions. First you must ask yourself, am I selling to SME with loose SOHO affiliates, to a large enterprise, to a Federal agency, to an international enterprise or government agency and the list goes on. Then you have to ask, do they have a CCO, are they using outsourced services for assessore/analysis/audits, etc.

    I turned to Vinnie Mirchandani for some help. I asked him four things:
    1 – Who buys compliance in any given organization? (who do you approach to sell something to?)
    2 – Are large enterprises and government agencies buying more compliance products, more services, or both (what are the trends)?
    3 – If services – who are they buying from? And what are they buying?
    4 – What GRC solutions are being purchased today, what companies are buying them, and who in the organization is evaluating and purchasing the solutions?

    Maybe you have answers to these questions that you would be willing to share (I am a Gartner client :->).


Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.