CHAPTER 1: INTRODUCTION TO CYBER SECURITY GRC

Background to GRC

Governance. Risk. Compliance (or ‘Control’). Simple words – but they encompass so much. They cover the steps taken by organisations to ensure they act ethically, legally and with integrity, and can effectively and efficiently handle risks (or other uncertainties) in achieving their business goals or other objectives.

GRC was first defined by Scott Mitchell, OCEG, in 2007 as:

the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity. [2]

Governance is the ability to ensure that the organisation achieves its goals and objectives. It includes policies and processes led by senior management and the board ...

Get How Cyber Security Can Protect Your Business - A guide for all stakeholders now with the O’Reilly learning platform.
