Infosec glossary entry

GRC

GRC:
Governance, Risk, and Compliance

[…] is an organizational strategy for managing governance, risk management, and compliance with industry and government regulations. GRC also refers to an integrated suite of software capabilities for implementing and managing an enterprise GRC program.

GRC’s set of practices and processes provides a structured approach to aligning IT with business objectives. GRC helps companies effectively manage IT and security risks, reduce costs, and meet compliance requirements. It also helps improve decision-making and performance through an integrated view of how well an organization manages its risks.
https://www.ibm.com/topics/grc

Related entries

Share 0
Tweet 0
Share 0

By jean-christoph

May 13, 2023

compliance, governance, risk management
Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

this might interest you as well

compliance, ethics, infosec, security awareness, security culture, security policy

Unlock Effective Cybersecurity: Simplify Policies with the Clarity of the OSI Model

ethics, Psychologie, security awareness, security culture

Leveraging Psychology in Cybersecurity: Strategies for SMEs

awareness training, ethics, phishing, phishing simulations, security awareness, security culture

Ethical considerations in phishing tests: to inform employees or not?