Resources: GRC Defined

GRC definitions

GRC is an abbreviation for Governance, Risk Management and Compliance Management.

IT GRC is often perceived to have two meanings:

  1. Using IT to manage the various Governance, Risk Management and Compliance Management processes of an organization.
  2. Ensuring proper governance, risk management and compliance management of all IT systems and processes that support the business operations.

GRC resources

ISO 31000

This risk management standard defines risk as the effect of uncertainty on business objectives.

Wikipedia

Wikipedia's article on Governance, Risk and Compliance.

Corporate Integrity

Michael Rasmussen at Corporate Integrity, LLC defines GRC as follows:

  • Governance is the culture, policies, processes, laws, and institutions that define the structure by which companies are directed and managed.
  • Risk Management is the coordinated activities to direct and control an organization to realize opportunities while managing negative events.
  • Compliance is the act of adhering to, and demonstrating adherence to, external laws and regulations as well as corporate policies and procedures.

(end of quote).

Aberdeen surveys the effectiveness of GRC

Aberdeen research shows how companies are using governance, risk and compliance (GRC) management to enable competitive differentiation, cost reduction, and growth.

ISACA

The ISACA association has embraced IT Governance for several years. The IT Governance Institute (ITGI) publishes COBIT 4.1, the widely adopted IT Governance Framework that many organizations use to support Sarbanes-Oxley compliance. Risk IT is a recent risk management framework published by ISACA.

Neupart is proud to be a licensee of COBIT. The SecureAware IT GRC solution includes the COBIT control objectives.

OCEG

OCEG is a nonprofit organization that promotes governance, risk management, and compliance processes.

SecureAware by Neupart

SecureAware is a complete IT GRC package that includes modules that can be purchased separately or bundled to address your IT GRC challenges.

Policy Management
  • SecureAware Policy
Security Awareness
  • SecureAware Education
  • SecureAware Survey
Risk Assessment
  • SecureAware Risk
Compliance
  • SecureAware Compliance Workflow
  • SecureAware Compliance Analysis 2
Business Continuity Planning
  • SecureAware BCP

About Neupart

Neupart, an ISO 27001 certified company, provides an all-in-one IT GRC solution allowing organizations to automate IT Governance, Risk and Compliance management. Whether you need to manage evolving business risks or achieve continuous compliance with PCI DSS, ISO 27001, Sarbanes-Oxley, CSA, ENISA or WLA SCS, Neupart allows you to respond effectively - in the cloud or on the ground. More than 300 organizations worldwide are Neupart customers, including governments, utilities, banks and insurance firms, IT Service providers and lotteries.

Contact

Phone

Denmark +45 7025 8030

Germany +49 2102 420926