Cybersecurity GRC
This book chapter explains the theory and practice of cybersecurity GRC in enterprises. This chapter is open source and a work in progress.
Information security definition
This section offers an expansive definition of information security to highlight its place in enterprise cybersecurity GRC.
This section introduces IT governance as the highest level/most abstract conceptual framework for operationalizing information security management within organizations.
Compliance frameworks and industry standards
This section covers key cybersecurity compliance frameworks and industry standards, including NIST, GDPR, ISO, SOC, HIPAA, and PCI.
Important cybersecurity regulations
This section sheds light on the main cybersecurity regulations and standards pertinent to information security risk management.
The GRC approach to managing cybersecurity
This section situates GRC within IT governance and presents GRC as a risk management framework.
Ethical AI frameworks, initiatives, and resources
A literature review of ethical AI frameworks for the design and governance of AI systems and a pragmatic framework and approach for the ethical design of AI systems.