In a new report issued on the first of the month, Forrester Research has asserted the importance of enterprise platforms for governance, risk management, and compliance (GRC). Pointing to big name corporate failures in the last decade, they argue that the value proposition for GRC software is clear, and they identified leaders in this growing market.

The open question from the research is whether enterprises will really see the need as being so desperate. Fear may be a great motivator, but GRC platforms have yet to prove that they’re a piece of IT that businesses require to succeed.

GR What?

Governance, risk management and compliance platforms take a broad and complex series of business tasks and whittle them down to a central point of focus for the enterprise.

Basically, they’re a technological solution for keeping track of programs of corporate governance, managing known and potential risks for a business, and staying in compliance with regulatory requirements. All these platforms incorporate varying degrees of workflow management, data visualization, content management, and reporting on related performance metrics.

The Leaders

Forrester examined 14 vendors of enterprise GRC platforms, and picked

AXENTIS

,

BWise

,

MetricStream

,

OpenPages

, and

Thomson Reuters

as leaders in the space.

It might surprise you that GRC platforms from enterprise software giants like SAP have been beaten out by much smaller vendors. But in an emerging market, it makes perfect sense that agile young companies can dominate big players who have come late to the game.

Close, But No Cigar

Integrated governance, risk management and compliance platforms present a new way to handle these business processes. Forrester itself published a

report

that predicted GRC would first “hit the big time” just this year. All the leaders in the market thus far have sold a respectable amount of customers on the notion that they decrease risk, boost overall efficiency, and make strategy and decision making easier.

But platforms for governance, risk and compliance still come off as a specialist product for large enterprises in volatile markets, rather than a core business tool. The ever-growing pack of GRC vendors have clearly defined the value they deliver, but not that they’re something the enterprise cannot do without during a period of belt tightening.

Image courtesy Forrester Research, Photo credit Gill Wildman