Mapping GRC Policies, Regulations, Standards and Processes

Logo
Presented by

David Cuthbertson - CEO Square Mile Systems and Charlie Muir - Consulting Services Director - Secrutiny

About this talk

Mapping and understanding GRC (Governance, Risk Management and Compliance) is necessary to ensure cybersecurity policies and processes are maintained effectively, avoiding duplication of effort and clarifying focus for shared IT engineering resources. As well as having sector led regulatory needs, there is often a multitude of management frameworks and standards involved – CoBit, ISO27001, NIST CSF, PCI DSS, CSC, ISO2000, TBM, eTOM, etc. (to name a few). All have their own focus and recommendations, so efficient ways of defining and maintaining business objectives, appropriate internal controls, processes and policies is important to meet GRC business needs. With more regulations being introduced by governments, GRC requirements are becoming increasingly complex so we’ll cover systematic ways of mapping common requirements to save a lot of effort. We are pleased to have support from Charlie Muir, Consulting Services Director at cyber security specialists Secrutiny.
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (69)
Subscribers (6983)
How to implement improved practices and systems for enterprise environments covering data centres, networks, services etc.