The evolution of GRC best practices

The In Focus mini-series examines more closely issues and topics of importance to federal agencies and contractors. Each month, Federal News Radio speaks with key stakeholders to better understand challenges and opportunities. This month focuses on Governance, Risk and Compliance.

Governance, risk and compliance (GRC) best practices are evolving because the amount of risk and risk types are growing and becoming more complex. Just look at how much the cybersecurity risk landscape is changing. Therefore more specialization is needed in agencies to manage risk. Yet somehow this has to be coordinated across silos to get an enterprise picture. So that’s a major question for agencies — how do we bring together all of the assessments in a coordinated fashion? GRC helps establish taxonomy – a common language for describing risk – and put information into the right hands for making decisions. On the information technology front, how do we use technology to advance missions, because it brings risks. Cloud, mobile and the internet of things all allow more citizen services, but bring in new threats to be managed. Agencies need to bridge the gap between IT and the auditors and business owners in order to prioritize risks optimally.



Federal Drive host Tom Temin

Tom Temin, Federal News Radio

Tom Temin has been the host of the Federal Drive since 2006. Tom has been reporting on and providing insight to technology markets for more than 30 years.  Prior to joining Federal News Radio, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.


David Walter


David Walter, Vice President, RSA Archer

David Walter is Vice President, RSA Archer, responsible for the RSA Archer product and business globally.  During David’s eleven years with Archer, he has served in many capacities such as Global Go To Market Lead, General Manager of GRC in EMEA, Director of Product Marketing and Strategy, and Director of Product Management. As a public accountant (CPA) and former CFO and internal auditor, he has been responsible for developing many of the solutions in the RSA Archer GRC suite. He was also a customer of the RSA Archer GRC suite having purchased it at the Washington Post Companies to manage Sarbanes-Oxley compliance. David has a true passion for enabling companies to manage business risk and inspiring everyone within an organization to own risk.

Copyright © 2020 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.