In recent months, the theme of IT governance, risk and compliance management (GRC) has received new levels of both interest and criticism. Some contrarian naysayers are challenging GRC itself, and IT GRC in particular. Yes, already in this short time, IT GRC has become a loaded term, high on expectations but far too often short on specifics. What exactly does it mean to enterprises pursuing the broad mandates implied?

To shed some light on this heated debate, SailPoint has partnered with Enterprise Management Associated® (EMA™) to offer you the following:

• A special EMA Advisory Note summarizing EMA's 2008 Survey of IT Governance, Risk and Compliance Management in the Real World. The note provides a summary of the challenges expressed by the 224 survey respondents, key findings of the survey – among them: the majority of respondents place high emphasis on "turning process into a strategic asset" in the words of one respondent. And, it discusses the tools used by today's high performers in the areas of GRC
• A companion podcast in which Scott Crawford, Research Director for EMA, talks about his latest research findings and offers insights into the role played by identity and access management in this renewed IT GRC challenge.