Designing a GRC Framework

Presented by

Richard Hollis, Director, Risk Factory

About this talk

What is the essence of information security governance, risk & compliance? How do you meet your governance, risk and compliance requirements and prevent a data breach? The key is to understand the spirit of risk management and create a customised information security management system (ISMS) for your business.

This presentation details a practical, step-by-step guide for designing and implementing a cost-effective ISMS to minimise your risk of a breach and meet your Association’s legislative (Data Protection Act), regulatory (Payment Card Industry), or industry standard (ISO-27001) compliance requirements to include:

· Practical ISMS documentation structure
· Scope, objectives & risk strategy examples
· Risk treatment plan, asset register & classification guide examples
· Policy frameworks
· Control objectives, evidence & policy examples
· Audit & testing documentation examples

We are an elite group of product-independent, information governance, risk, and compliance management professionals and the forerunners in the design and delivery of effective business information and communication technology risk and security solutions.