Business Risk Management Part 2: 7 Steps to Build a GRC Framework

Look at information security through the lens of business risk, and you’ll begin to make decisions about security in light of their impact on the business. 

A GRC framework for business risk management can help you identify key business priorities and align them with security information and decisions. 

View part two of this on-demand webcast series. This session details a seven-step methodology for a GRC-based business risk management framework, including tips for: 

  • Defining what information needs to be protected and identifying the location and amount of important information 
  • Documenting processes and enterprise risk controls—documenting the activities as business processes and documenting the risks associated with the processes 
  • Determining levels of inherent and residual risk and answering the question of what to do with a residual risk level that exceeds risk tolerance and appetite
Recommended for you