Creating an IT Governance/GRC Program

Once we define the WHAT, HOW and WHY behind our IT control frameworks, we can begin to form the GRC office. GRC is a shortened form of Governance, Risk and Compliance, the three linked disciplines that help to guide IT Operations to provide controls over Ethics, Transparency and Alignment with Business objectives. Continue reading