IT risk management practices still suffer from a degree of fragmentation that hinders the ability of executives to see a reasonably complete picture and make well-informed, commercially reasonable, legally defensible decisions. IT GRC tools have now begun integrating BCM functions and reporting, allowing business leaders better, more complete insight into operational risk. Integrating BCM and IT/infosec will also improve overall operational risk awareness and management through improved risk visibility. The Long-Tail of Operational Risk is important for being comprehensive, comprehensive, and for conducting a commercially reasonable security and risk management program.”]