- Many organizations struggle to identify critical risks, with 49% of respondents reporting challenges in prioritizing remediations.
- The use of GRC software for risk and compliance management is rising, but 14% of organizations still rely on spreadsheets, marking a 40% increase from last year.
- Despite improvements in centralizing GRC programs, data breaches have increased, with 59% of organizations experiencing breaches in the last 24 months.
The 2024 IT Risk and Compliance Benchmark Report highlights significant changes in how organizations handle risk and compliance management. While more companies are integrating risk and compliance activities, a notable 49% still face difficulties identifying and prioritizing critical risks. This underscores the ongoing challenges in optimizing workflows to manage IT risks effectively.
Despite the growing adoption of GRC software, 14% of respondents continue to use spreadsheets for IT compliance management, reflecting a 40% increase from the previous year. This reliance on outdated methods indicates a gap in leveraging advanced tools for better risk tracking and management. However, there is progress, with 83% of respondents now having a centralized GRC program, up from 68% last year, showing a trend towards more unified solutions.
The report also reveals a concerning rise in data breaches, with 59% of organizations experiencing a breach in the last 24 months, up from 42% in the previous report. This increase highlights the need for more robust security measures and risk management practices. As regulatory scrutiny intensifies, GRC professionals dedicate more time to IT risk management, emphasizing improving visibility, automating workflows, and enhancing control testing and analytics.
Overall, the report suggests that while there are positive strides in integrating risk and compliance functions, significant challenges remain in optimizing these processes and improving organizations’ overall security posture. The continued rise in data breaches and reliance on spreadsheets for risk management indicate areas that need urgent attention and improvement.
Leave a Reply
You must be logged in to post a comment.