Centralised GRC or integrated silos?

29 Jul

An interesting article here which considers if the trend is to centralise GRC teams and technologies or focus on integrating existing silos. Where common taxonomy and ways of working can be adopted, the business case to focus on centralised GRC (even if just for technology and resource cost savings) is a clear one though not without its challenges. Depending on the specifics of any given situation though, it may be better to invest in a central GRC technology capable of supporting all risk and compliance functions than it is to spend money integrating (and therefore needing to continue supporting and maintaining) legacy applications.