Information and Cyber Security Governance, Risk and Compliance (GRC)
GRC determines the information and cyber security an organization does. This course will teach you the fundamentals of governance, risk, compliance with external obligations, and assurance, and how they work together to keep an organization secure.
What you'll learn
Organizations need to ensure they manage information security risks and comply with relevant laws, regulations, and contractual obligations. In this course, Information and Cyber Security Governance, Risk and Compliance (GRC), you’ll learn how they do this. First, you’ll explore risk, what it is, and how to manage it. Next, you’ll discover governance and compliance. Finally, you’ll learn how to work out if an organization is doing the information security it wants. When you’re finished with this course, you’ll have the skills and knowledge of governance, risk and compliance needed to start your GRC journey.
Table of contents
About the author
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI S... more