Given the turmoil that has engulfed the financial and business world since the collapse of Lehman Brothers, it is hardly surprising that dealing with risk has moved swiftly up the enterprise agenda.

This new emphasis on managing risk, as well as regulatory compliance, is shaping the IT agenda, and not just in financial services. Last December, Forrester Research, the IT analyst firm, predicted that governance, risk and compliance (GRC) would be one of the priorities for business leaders in 2009.