The GRC Approach to Managing Cybersecurity
Managing cybersecurity is about managing risk, specifically the risk to information assets of valued by an organization. This course examines the role of Governance, Risk Management, and Compliance (GRC) as part of the Cybersecurity management process, including key functions of planning, policies, and the administration of technologies to support the protection of critical information assets.
In this course, a learner will be able to:
● Identify the importance and functions of Governance, Risk Management, and Compliance in Cybersecurity program management.
● Describe best practices in risk management including the domains of risk assessment and risk treatment.
● Describe the structure and content of Cybersecurity-related strategy, plans, and planning
● Identify the key components and methodologies of Cybersecurity policies and policy development
● Discuss the role of performance measures as a method to assess and improve GRC programs