Cybersecurity GRC

This book chapter explains the theory and practice of cybersecurity GRC in enterprises. This chapter is open source and a work in progress.

Last updated 11 months ago

Information security definition
This section offers an expansive definition of information security to highlight its place in enterprise cybersecurity GRC.

IT governance
This section introduces IT governance as the highest-level, most abstract conceptual framework for operationalizing information security management within organizations.

Compliance frameworks and industry standards
This section covers key cybersecurity compliance frameworks and industry standards, including NIST, GDPR, ISO, SOC, HIPAA, and PCI.

Important cybersecurity regulations
This section sheds light on the main cybersecurity regulations and standards pertinent to information security risk management.

The GRC approach to managing cybersecurity
This section situates GRC within IT governance and presents GRC as a risk management framework.

Ethical AI frameworks, initiatives, and resources
A literature review of ethical AI frameworks for the design and governance of AI systems and a pragmatic framework and approach for the ethical design of AI systems.