Cybersecurity GRC

This chapter covers the theory and practice of cybersecurity GRC in enterprises.

Topics covered in this chapter

Cybersecurity GRC in plain English

This section demystifies cybersecurity GRC. This discussion situates cybersecurity management within IT governance and presents GRC as a cybersecurity risk management framework.

IT governance

This section introduces IT governance as the highest-level, most abstract conceptual framework for operationalizing information security management within organizations.

Compliance frameworks and industry standards

This section covers key cybersecurity compliance frameworks and industry standards, including NIST, GDPR, ISO, SOC, HIPAA, and PCI.

Important cybersecurity regulations

This section sheds light on the main cybersecurity regulations and standards pertinent to information security risk management.

The GRC approach to managing cybersecurity

This section situates GRC within IT governance and presents GRC as a risk management framework.

Ethical AI frameworks, initiatives, and resources

This section presents a literature review of ethical AI frameworks for the design and governance of AI systems, along with a pragmatic framework and approach for the ethical design of AI systems.
