Statutory and Regulatory GRC
This chapter covers security criteria for governance, risk, and compliance, including US federal statutory laws and requirements, federal agency regulatory requirements, and various international and industry standards and requirements.
Today’s security world includes a major change from the past. All security and corporate managers now need to be concerned with compliance and with the governance of risks, security, and information usage in their systems. These processes have evolved over the past 10 years into an area known as GRC. GRC is an acronym for governance, risk, and compliance and includes corporate considerations of risks, methods, ...
Get Security Controls Evaluation, Testing, and Assessment Handbook now with O’Reilly online learning.