GRC tools for business intelligence security
Does the business intelligence (BI) security issue fall under the governance, risk and compliance (GRC) security domain? If yes, which GRC tools are relevant for implementing security?
Business intelligence (BI) is an essential component to a successful governance, risk and compliance (GRC)
strategy: It involves what I refer to as risk and regulatory intelligence
. Basically, business has to monitor its internal environment -- as well as the external environment the company operates in -- for issues, events and risks that can impact the organization. The goal is be intelligent to maximize opportunities while mitigating or avoiding negative events.
In the business intelligence (BI) security domain to which you refer, this means implementing tools that have the ability to integrate into your environment to monitor changes, collect information, and report on the state of security across systems, processes and relationships. Further, these tools need to have content and process/workflow management capabilities to store information and provide processes to evaluate risk.
The core of governance, risk and compliance is built upon tools such as these. For the security department specifically, I would look towards GRC vendors such as Archer Technologies and Brabeion.
More information about business intelligence security
Business intelligence security considerations
More about governance, risk and compliance (GRC) tools
Sarbanes-Oxley compliance: Governance, risk and compliance tools vs. spreadsheets
This was first published in March 2008