What level of confidence does your CFO have in the risk information coming out of IT?
That’s a question we often ask to our customers, and typically the answer is “not a lot of confidence”. While processes and methods for areas like Credit Risk, Financial Risk and Market Risk are fairly mature, Operational Risk and IT/Technology Risk are generally immature. Executives aren’t getting accurate, aggregated or transparent answers to their questions.
RSA Archer and several of its partners have launched the 2014 GRC Metrics Survey, asking questions such as:
- Do business teams believe they are collecting and analyzing the information they need to be effective?
- Do they get relevant information about the operation and value of their capability to manage performance, risk and compliance?
- Do boards, auditors and c-suite executives have confidence that the right information is being collected and analyzed to drive achievement of objectives?
You can learn more about the survey via the RSA Archer blog.