GR What?

Governance, risk management and compliance platforms take a broad and complex series of business tasks and whittle them down to a central point of focus for the enterprise.

Basically, they're a technological solution for keeping track of programs of corporate governance, managing known and potential risks for a business, and staying in compliance with regulatory requirements. All these platforms incorporate varying degrees of workflow management, data visualization, content management, and reporting on related performance metrics.

The Leaders

Forrester examined 14 vendors of enterprise GRC platforms, and picked AXENTIS, BWise, MetricStream, OpenPages, and Thomson Reuters as leaders in the space.

It might surprise you that GRC platforms from enterprise software giants like SAP have been beaten out by much smaller vendors. But in an emerging market, it makes perfect sense that agile young companies can dominate big players who have come late to the game.

Close, But No Cigar

Integrated governance, risk management and compliance platforms present a new way to handle these business processes. Forrester itself published a report that predicted GRC would first "hit the big time" just this year. All the leaders in the market thus far have sold a respectable amount of customers on the notion that they decrease risk, boost overall efficiency, and make strategy and decision making easier.

But platforms for governance, risk and compliance still come off as a specialist product for large enterprises in volatile markets, rather than a core business tool. The ever-growing pack of GRC vendors have clearly defined the value they deliver, but not that they're something the enterprise cannot do without during a period of belt tightening.

Image courtesy Forrester Research, Photo credit Gill Wildman