We may earn an affiliate commission when you visit our partners.
John Elliott
GRC determines the information and cyber security an organization does. This course will teach you the fundamentals of governance, risk, compliance with external obligations, and assurance, and how they work together to keep an organization secure.
Read more
GRC determines the information and cyber security an organization does. This course will teach you the fundamentals of governance, risk, compliance with external obligations, and assurance, and how they work together to keep an organization secure.
Read more
GRC determines the information and cyber security an organization does. This course will teach you the fundamentals of governance, risk, compliance with external obligations, and assurance, and how they work together to keep an organization secure.
Organizations need to ensure they manage information security risks and comply with relevant laws, regulations, and contractual obligations. In this course, Information and Cyber Security Governance, Risk and Compliance (GRC), you’ll learn how they do this. First, you’ll explore risk, what it is, and how to manage it. Next, you’ll discover governance and compliance. Finally, you’ll learn how to work out if an organization is doing the information security it wants. When you’re finished with this course, you’ll have the skills and knowledge of governance, risk and compliance needed to start your GRC journey.
Register for this course and see more details by visiting:
OpenCourser.com/course/b139xz/information
Here's a deal for you
We found an offer that may be relevant to this course.
Save money when you learn.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
What's inside
Syllabus
Course Overview
Why Do Information Security?
Recognizing Information Security Risk
Managing Information Security Risk
Read more
Syllabus
Course Overview
Why Do Information Security?
Recognizing Information Security Risk
Managing Information Security Risk
Read more
Meeting External Obligations
Information Security Governance
Compliance and Assurance
How Information Security GRC Fits into an Organization
Working in GRC
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Introduces learners to a topic that is standard in information security and cybersecurity
Teaches recognizable and established fundamentals of information security risk and risk management
Examines governance and compliance from the perspective of information security and cybersecurity
Explores assurance and how it works in information security
Provides insights into how information security governance, risk, and compliance fit into and support an organization
Offers exposure to working with governance, risk, and compliance in information security
Save this course
Save Information and Cyber Security Governance, Risk and Compliance (GRC) to your list so you can find it easily later:
Save
Save
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Information and Cyber Security Governance, Risk and Compliance (GRC) with these
activities:
Join a study group with other students interested in GRC
Show steps
Meet once a week with other students to discuss course material.
Show steps
-
Meet once a week with other students to discuss course material.
-
Review course material together.
-
Work on practice problems together.
review info sec
Show steps
Familiarize yourself with basic concepts in these areas to prepare for course.
Show steps
-
Identify and list the key concepts in info sec risk management.
-
Research and define the primary standards.
-
Review the definitions and scope of governance, compliance obligations.
Review risk management processes
Show steps
Bring your existing knowledge up to speed for the course
Browse courses on
Risk Management
Show steps
-
Review your notes or study materials on risk management processes.
-
Complete practice questions or exercises on risk management.
11 other activities
Expand to see all activities and additional details
Show all 14 activities
Review the ISO/IEC 27001 standard
Show steps
Review the ISO/IEC 27001 standard. This is a great way to learn about the best practices for information security management.
Browse courses on
ISO/IEC 27001
Show steps
-
Read the ISO/IEC 27001 standard.
-
Take an online course on ISO/IEC 27001.
-
Attend a workshop on ISO/IEC 27001.
Join a study group or online forum
Show steps
Engage with peers and share knowledge.
Show steps
-
Identify a study group or online forum focused on GRC.
-
Join the group and participate in discussions.
Attend an industry conference on GRC
Show steps
Attend an industry conference on GRC. This is a great way to learn about the latest trends in GRC and network with other professionals in the field.
Show steps
-
Find an industry conference on GRC.
-
Register for the conference.
-
Attend the conference.
-
Network with other professionals in the field.
Follow a tutorial on GRC frameworks
Show steps
Expand your knowledge and learn best practices.
Show steps
-
Identify a reputable source for GRC framework tutorials.
-
Select a framework that aligns with your organization's needs.
-
Follow the tutorial steps to implement the framework in your organization.
Compile a list of resources on GRC best practices
Show steps
Organize and expand your knowledge base.
Browse courses on
Information Security Best Practices
Show steps
-
Conduct research on GRC best practices.
-
Identify reputable sources, such as industry reports, white papers, and articles.
-
Organize the resources into a central repository.
Complete the NIST Cybersecurity Framework
Show steps
Go through the NIST Cybersecurity Framework and complete the exercises. This will help you understand how to implement GRC in your organization. This tutorial can be found at NIST's website.
Browse courses on
NIST Cybersecurity Framework
Show steps
-
Go to the NIST website.
-
Read the NIST Cybersecurity Framework.
-
Complete the NIST Cybersecurity Framework exercises.
Conduct security audits
Show steps
Practice in a realistic environment and test your skills.
Browse courses on
Security Audits
Show steps
-
Choose a target system or application to audit.
-
Plan and scope the audit.
-
Execute the audit procedures.
-
Report the audit findings and recommendations.
ISC2 GRC Tutorial
Show steps
Completing this tutorial will provide a comprehensive overview of GRC.
Show steps
-
Enroll and complete the ISC2 GRC tutorial.
Practice conducting a risk assessment
Show steps
Conduct a mock risk assessment for an organization. This will help you apply the concepts you've learned in the course. Choose a fictional organization so the results don't affect a real entity.
Browse courses on
Risk Assessment
Show steps
-
Choose a fictional organization to conduct the assessment on.
-
Identify the organization's information assets and vulnerabilities.
-
Analyze the risks to the organization's information assets and vulnerabilities.
-
Evaluate the risks and determine which ones need to be addressed.
-
Develop a risk treatment plan to address the risks.
Develop an information security policy
Show steps
Demonstrate your understanding of the GRC principles.
Show steps
-
Identify the scope and objectives of the policy.
-
Research relevant laws, regulations, and standards.
-
Develop the policy content, including roles and responsibilities, security controls, and incident response procedures.
-
Review and approve the policy with stakeholders.
Create a presentation on GRC and how it can be applied to your organization
Show steps
In this activity, you will create a presentation on how GRC can be applied to your existing and/or future organization. Use a fictitious organization's name and make all information up.
Show steps
-
Research GRC and its components.
-
Identify the applicable laws, regulations, and contractual obligations that your organization must comply with.
-
Develop a plan for implementing GRC in your organization.
-
Create a presentation on GRC and how it can be applied to your organization.
-
Deliver your presentation to your colleagues.
Join a study group with other students interested in GRC
Show steps
Meet once a week with other students to discuss course material.
Show steps
Show steps
Show steps
- Meet once a week with other students to discuss course material.
- Review course material together.
- Work on practice problems together.
review info sec
Show steps
Familiarize yourself with basic concepts in these areas to prepare for course.
Show steps
Show steps
Show steps
- Identify and list the key concepts in info sec risk management.
- Research and define the primary standards.
- Review the definitions and scope of governance, compliance obligations.
Review risk management processes
Show steps
Bring your existing knowledge up to speed for the course
Browse courses on
Risk Management
Show steps
Show steps
Show steps
- Review your notes or study materials on risk management processes.
- Complete practice questions or exercises on risk management.
11 other activities
Expand to see all activities and additional details
Show all 14 activities
Review the ISO/IEC 27001 standard
Show steps
Review the ISO/IEC 27001 standard. This is a great way to learn about the best practices for information security management.
Browse courses on
ISO/IEC 27001
Show steps
Show steps
Show steps
- Read the ISO/IEC 27001 standard.
- Take an online course on ISO/IEC 27001.
- Attend a workshop on ISO/IEC 27001.
Join a study group or online forum
Show steps
Engage with peers and share knowledge.
Show steps
Show steps
Show steps
- Identify a study group or online forum focused on GRC.
- Join the group and participate in discussions.
Attend an industry conference on GRC
Show steps
Attend an industry conference on GRC. This is a great way to learn about the latest trends in GRC and network with other professionals in the field.
Show steps
Show steps
Show steps
- Find an industry conference on GRC.
- Register for the conference.
- Attend the conference.
- Network with other professionals in the field.
Follow a tutorial on GRC frameworks
Show steps
Expand your knowledge and learn best practices.
Show steps
Show steps
Show steps
- Identify a reputable source for GRC framework tutorials.
- Select a framework that aligns with your organization's needs.
- Follow the tutorial steps to implement the framework in your organization.
Compile a list of resources on GRC best practices
Show steps
Organize and expand your knowledge base.
Browse courses on
Information Security Best Practices
Show steps
Show steps
Show steps
- Conduct research on GRC best practices.
- Identify reputable sources, such as industry reports, white papers, and articles.
- Organize the resources into a central repository.
Complete the NIST Cybersecurity Framework
Show steps
Go through the NIST Cybersecurity Framework and complete the exercises. This will help you understand how to implement GRC in your organization. This tutorial can be found at NIST's website.
Browse courses on
NIST Cybersecurity Framework
Show steps
Show steps
Show steps
- Go to the NIST website.
- Read the NIST Cybersecurity Framework.
- Complete the NIST Cybersecurity Framework exercises.
Conduct security audits
Show steps
Practice in a realistic environment and test your skills.
Browse courses on
Security Audits
Show steps
Show steps
Show steps
- Choose a target system or application to audit.
- Plan and scope the audit.
- Execute the audit procedures.
- Report the audit findings and recommendations.
ISC2 GRC Tutorial
Show steps
Completing this tutorial will provide a comprehensive overview of GRC.
Show steps
Show steps
Show steps
- Enroll and complete the ISC2 GRC tutorial.
Practice conducting a risk assessment
Show steps
Conduct a mock risk assessment for an organization. This will help you apply the concepts you've learned in the course. Choose a fictional organization so the results don't affect a real entity.
Browse courses on
Risk Assessment
Show steps
Show steps
Show steps
- Choose a fictional organization to conduct the assessment on.
- Identify the organization's information assets and vulnerabilities.
- Analyze the risks to the organization's information assets and vulnerabilities.
- Evaluate the risks and determine which ones need to be addressed.
- Develop a risk treatment plan to address the risks.
Develop an information security policy
Show steps
Demonstrate your understanding of the GRC principles.
Show steps
Show steps
Show steps
- Identify the scope and objectives of the policy.
- Research relevant laws, regulations, and standards.
- Develop the policy content, including roles and responsibilities, security controls, and incident response procedures.
- Review and approve the policy with stakeholders.
Create a presentation on GRC and how it can be applied to your organization
Show steps
In this activity, you will create a presentation on how GRC can be applied to your existing and/or future organization. Use a fictitious organization's name and make all information up.
Show steps
Show steps
Show steps
- Research GRC and its components.
- Identify the applicable laws, regulations, and contractual obligations that your organization must comply with.
- Develop a plan for implementing GRC in your organization.
- Create a presentation on GRC and how it can be applied to your organization.
- Deliver your presentation to your colleagues.
Career center
Learners who complete Information and Cyber Security Governance, Risk and Compliance (GRC) will develop knowledge and skills
that may be useful to these careers:
Compliance Manager
Compliance Manager
Compliance Managers oversee the creation, implementation, and maintenance of an organization's compliance program. This course can help build a foundation in the fundamentals of compliance, including external obligations and meeting regulatory requirements. Additionally, it provides an understanding of governance and risk management, which are essential for success in this role.
IT Risk Analyst
IT Risk Analyst
IT Risk Analysts identify, assess, and mitigate risks to an organization's IT systems and data. This course provides a comprehensive overview of information security risk management, including risk identification, analysis, and mitigation strategies. It also covers governance and compliance, which are important considerations for IT Risk Analysts.
Information Security Auditor
Information Security Auditor
Information Security Auditors evaluate an organization's information security program and controls to ensure compliance with regulatory requirements and best practices. This course provides a comprehensive understanding of information security governance, risk management, and compliance, which are critical for Information Security Auditors.
Information Security Analyst
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization's information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. This course helps build a foundation in information security governance, risk management, and compliance, which are essential for success in this role.
Privacy Analyst
Privacy Analyst
Privacy Analysts help organizations develop and implement privacy policies and procedures to protect personal data. This course can help build a foundation in the legal and regulatory landscape of privacy, as well as the principles and practices of data protection. It also covers governance and compliance, which are important considerations for Privacy Analysts.
IT Security Architect
IT Security Architect
IT Security Architects design and implement security solutions to protect an organization's information systems and data. This course provides a solid foundation in information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it covers key security concepts and principles.
Security Consultant
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. This course can help build a foundation in information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it provides an understanding of industry best practices and emerging security threats.
Cybersecurity Analyst
Cybersecurity Analyst
Cybersecurity Analysts monitor and analyze data to identify and respond to cybersecurity threats. This course provides a comprehensive overview of information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it covers key cybersecurity concepts and principles.
Risk Manager
Risk Manager
Risk Managers identify, assess, and mitigate risks to an organization's operations. This course provides a comprehensive overview of risk management, including risk identification, analysis, and mitigation strategies. It also covers governance and compliance, which are important considerations for Risk Managers.
Information Security Manager
Information Security Manager
Information Security Managers oversee the development and implementation of an organization's information security program. This course can help build a foundation in information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it provides an understanding of industry best practices and emerging security threats.
Compliance Officer
Compliance Officer
Compliance Officers ensure that an organization complies with applicable laws and regulations. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Compliance Officers.
Auditor
Auditor
Auditors examine an organization's financial records and operations to ensure compliance with laws and regulations. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Auditors.
Risk Analyst
Risk Analyst
Risk Analysts identify, assess, and mitigate risks to an organization's operations. This course may be helpful in providing a broad understanding of risk management, which is an important consideration for Risk Analysts.
Business Analyst
Business Analyst
Business Analysts analyze business needs and develop solutions to improve business processes. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Business Analysts. Additionally, it can help develop analytical and problem-solving skills.
Project Manager
Project Manager
Project Managers plan and execute projects to achieve specific goals and objectives. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Project Managers. Additionally, it can help develop project planning and management skills.
For more career information including salaries, visit:
OpenCourser.com/course/b139xz/information
Reading list
We've selected six books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Information and Cyber Security Governance, Risk and Compliance (GRC).
Provides a comprehensive overview of the NIST Cybersecurity Framework, which foundational framework for information security GRC.
Provides a comprehensive overview of information security management, including GRC.
Provides more technical detail on how to manage risk in an information security context.
Provides a comprehensive overview of digital transformation, including the role of information security GRC.
Provides a step-by-step guide to conducting security risk assessments.
Save
Provides a quick and easy reference to the ISO 27001 and ISO 27002 standards, which are foundational to information security GRC.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/b139xz/information
Share
Similar courses
Here are nine courses similar to
Information and Cyber Security Governance, Risk and Compliance (GRC).
Information and Cyber Security Literacy: Governance, Risk, and Compliance
OpenCourser.com/course/57dogb/information
Information and Cyber Security Literacy: Governance, Risk...
Most relevant
Information and Cyber Security GRC: Governance
OpenCourser.com/course/keff97/information
Information and Cyber Security GRC: Governance
Most relevant
Information and Cyber Security GRC: Compliance Assessment and Reporting
OpenCourser.com/course/umowd8/information
Information and Cyber Security GRC: Compliance Assessment...
Most relevant
The GRC Approach to Managing Cybersecurity
OpenCourser.com/course/5o6pm4/the
The GRC Approach to Managing Cybersecurity
Most relevant
Information Security Risk Management Program for CGRC
OpenCourser.com/course/brfzyx/information
Information Security Risk Management Program for CGRC
Most relevant
Cloud Computing Fundamentals: Governance, Risk, Compliance, and Security
OpenCourser.com/course/xsp31s/cloud
Cloud Computing Fundamentals: Governance, Risk,...
Most relevant
Continuous Monitoring for CGRC
OpenCourser.com/course/cy2uze/continuous
Continuous Monitoring for CGRC
Most relevant
Selection and Approval of Security and Privacy Controls for CGRC
OpenCourser.com/course/zetcyw/selection
Selection and Approval of Security and Privacy Controls...
Most relevant
Governance, Risk, and Compliance
OpenCourser.com/course/78q3dk/governance
Governance, Risk, and Compliance
Most relevant
Time
116 hours
Level
Introductory
Via
Pluralsight
Instructor
John Elliott
Language
English
Good to know
Introduces learners to a topic that is standard in information security and cybersecurity
Teaches recognizable and established fundamentals of information security risk and risk management
Examines governance and compliance from the perspective of information security and cybersecurity
Explores assurance and how it works in information security
Provides insights into how information security governance, risk, and compliance fit into and support an organization
Offers exposure to working with governance, risk, and compliance in information security
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser