Comments on: What business has to learn so that IT can align

By: Martin Kuppinger blog: What business has to learn so that IT can align « The Technology Side of GRC

Fri, 26 Feb 2010 18:29:44 +0000

[...] is really on a roll now. A nice follow up from Martin about how security and business functions must be better aligned. This is very timely to my [...]

By: Ed King

Ed King — Fri, 26 Feb 2010 18:20:21 +0000

Martin,

Excellent series of posts on GRC. I couldn't agree more. In order for security executives to "have a seat at the adult's table", these executives must be able to related their security operations, budget, and achievements back to business objectives, enterprise risk and compliance priorities. Conversely, business needs to stop treating security like a black box and understand that in this day and age, much of an organization's business risks are IT related. GRC and security need to converge and we are certainly seeing that in our customer base. It does seem like CISOs are the ones leading this transformation, not the business.

By: Janice Gaines

Janice Gaines — Fri, 26 Feb 2010 15:29:33 +0000

This is almost uncanny: May I point you to a book titled "I.T. Wars: Managing the Business-Technology Weave in the New Millennium" – I don't want to run the risk of this being flagged as commercial spam: Much of the book is available for FREE reading on Google Books, and you can glean a lot of great ideas from that. I would urge every business person and IT person, management or staff, to get hold of a copy of "I.T. Wars" – it's in our library too (Fairfax, VA). Our project managers are reading it. Our vendors are required to read it (they can borrow our copies if they don't want to purchase it). Any agencies that wish to partner with us: We ask that they read it. Do yourself a favor and read this book – then ask your boss to read it – then ask your staff and co-workers to read it. It has made a tremendous difference where I work