"It's mostly about the maturity of the organization," says Paul Proctor, vice president of security and risk management at Gartner. "Are you ready for a more formalized and automated way of tracking controls? If you have your act together, you should be looking at this."
These products help automate GRC initiatives that are either largely manual or beyond the capabilities of most enterprises. They enable organizations to: