This blog was co-authored by Carisa Brockman, GRC Practice Lead.
First things first: it is crucial to understand the difference between Governance, Risk and Compliance (GRC) and Integrated Risk Management (IRM), because this sets the stage for long-term strategic risk management and breaks down the siloed approach to risk that exists in many organizations today. That siloed approach exists because GRC is sometimes implemented as a compliance-driven strategy rather than a risk-driven initiative. Instead of delving into the name itself, let’s define the approach and get started with the key items to consider while making the transition from GRC to IRM, so that it feels less like a leap.
GRC can be defined as a set of tools for managing compliance and remains valuable for that specific challenge, but it aligns less precisely with today’s evolving definitions of risk and risk management. The answer is…
Posted by: Bindu Sundaresan
The post Dawn of a new decade: Leaping from GRC to IRM – A building block approach appeared first on Cybersecurity Insiders.
February 24, 2020 at 09:08PM