The implementation of new initiatives in Governance, Risk, and Compliance (GRC) may be an overwhelming prospect for many organizations. With multiple views and aspects of GRC, it can be difficult to know where to begin. This paper proposes that the solution is to break GRC initiatives into a number of constituent components that can be addressed one at a time, beginning with those that are easiest to plan for and implement. Choosing the first area on which to focus may mean drilling down from the big picture of enterprise GRC to the IT framework that enables it, and then to some manageable aspect of that framework.
Did you find this white paper useful?
0 out of 1 users found this white paper useful
Related white papers
Accelerating Secure Business Applications Podcast
Download this Riverbed Connect podcast and listen as Bob Gilbert discusses with Mark Day, Riverbed's Chief Scientist, the details involving SSL encryption, SSL's impact on WAN optimization, and new wide-area...
Eroding Spam Filter Effectiveness: Bad for Business
As spammers and scammers continually introduce new and more sophisticated distribution techniques, organizations continue to see tremendous increases in spam and other email-borne threats--and the attacks are getting increasingly difficult...
Outbound Email and Data Loss Prevention in Today's Enterprise, 2008
How concerned are companies about the content of email leaving their organizations? And how do companies manage the legal and financial risks associated with outbound email? To find out, Proofpoint...
Extended Description Techniques for Security Engineering
There is a strong demand for techniques to aid development and modelling of security critical systems. Based on general security evaluation criteria, we show how to extend the system structure...
A Calculus for Cryptographic Protocols
We introduce the spi calculus, an extension of the pi calculus designed for describing and analyzing cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication...
Trust Web Services and XML Security Standards
Web services are self-contained, modular applications that can be described, published, located, and invoked over the Internet. Web services perform well-defined functions both for applications and other Web services, which...
Critics Blast FCC Wiretap Specs
Sweeping standards announced by the Federal Communications Commission would make all common carriers, including cable operators and utilities offering telecommunications services, subject to a controversial 1994 digital wiretap law. Critics...
