John Elliott

GRC determines the information and cyber security an organization does. This course will teach you the fundamentals of governance, risk, compliance with external obligations, and assurance, and how they work together to keep an organization secure.

Organizations need to ensure they manage information security risks and comply with relevant laws, regulations, and contractual obligations. In this course, Information and Cyber Security Governance, Risk and Compliance (GRC), you’ll learn how they do this. First, you’ll explore risk, what it is, and how to manage it. Next, you’ll discover governance and compliance. Finally, you’ll learn how to work out if an organization is doing the information security it wants. When you’re finished with this course, you’ll have the skills and knowledge of governance, risk and compliance needed to start your GRC journey.

What's inside

Syllabus

Course Overview
Why Do Information Security?
Recognizing Information Security Risk
Managing Information Security Risk
Meeting External Obligations
Information Security Governance
Compliance and Assurance
How Information Security GRC Fits into an Organization
Working in GRC

Good to know

Know what's good, what to watch for, and possible dealbreakers
Introduces learners to a topic that is standard in information security and cybersecurity
Teaches recognizable and established fundamentals of information security risk and risk management
Examines governance and compliance from the perspective of information security and cybersecurity
Explores assurance and how it works in information security
Provides insights into how information security governance, risk, and compliance fit into and support an organization
Offers exposure to working with governance, risk, and compliance in information security

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Information and Cyber Security Governance, Risk and Compliance (GRC) with these activities:
Join a study group with other students interested in GRC
Meet once a week with other students to discuss course material.
  • Meet once a week with other students to discuss course material.
  • Review course material together.
  • Work on practice problems together.
Review info sec
Familiarize yourself with basic concepts in these areas to prepare for the course.
  • Identify and list the key concepts in info sec risk management.
  • Research and define the primary standards.
  • Review the definitions and scope of governance, compliance obligations.
Review risk management processes
Bring your existing knowledge up to speed for the course.
  • Review your notes or study materials on risk management processes.
  • Complete practice questions or exercises on risk management.
Review the ISO/IEC 27001 standard
Review the ISO/IEC 27001 standard. This is a great way to learn about the best practices for information security management.
  • Read the ISO/IEC 27001 standard.
  • Take an online course on ISO/IEC 27001.
  • Attend a workshop on ISO/IEC 27001.
Join a study group or online forum
Engage with peers and share knowledge.
  • Identify a study group or online forum focused on GRC.
  • Join the group and participate in discussions.
Attend an industry conference on GRC
Attend an industry conference on GRC. This is a great way to learn about the latest trends in GRC and network with other professionals in the field.
  • Find an industry conference on GRC.
  • Register for the conference.
  • Attend the conference.
  • Network with other professionals in the field.
Follow a tutorial on GRC frameworks
Expand your knowledge and learn best practices.
  • Identify a reputable source for GRC framework tutorials.
  • Select a framework that aligns with your organization's needs.
  • Follow the tutorial steps to implement the framework in your organization.
Compile a list of resources on GRC best practices
Organize and expand your knowledge base.
  • Conduct research on GRC best practices.
  • Identify reputable sources, such as industry reports, white papers, and articles.
  • Organize the resources into a central repository.
Complete the NIST Cybersecurity Framework
Go through the NIST Cybersecurity Framework and complete the exercises. This will help you understand how to implement GRC in your organization. This tutorial can be found at NIST's website.
  • Go to the NIST website.
  • Read the NIST Cybersecurity Framework.
  • Complete the NIST Cybersecurity Framework exercises.
Conduct security audits
Practice in a realistic environment and test your skills.
  • Choose a target system or application to audit.
  • Plan and scope the audit.
  • Execute the audit procedures.
  • Report the audit findings and recommendations.
ISC2 GRC Tutorial
Completing this tutorial will provide a comprehensive overview of GRC.
  • Enroll and complete the ISC2 GRC tutorial.
Practice conducting a risk assessment
Conduct a mock risk assessment for an organization. This will help you apply the concepts you've learned in the course. Choose a fictional organization so the results don't affect a real entity.
  • Choose a fictional organization to conduct the assessment on.
  • Identify the organization's information assets and vulnerabilities.
  • Analyze the risks to the organization's information assets and vulnerabilities.
  • Evaluate the risks and determine which ones need to be addressed.
  • Develop a risk treatment plan to address the risks.
Develop an information security policy
Demonstrate your understanding of the GRC principles.
  • Identify the scope and objectives of the policy.
  • Research relevant laws, regulations, and standards.
  • Develop the policy content, including roles and responsibilities, security controls, and incident response procedures.
  • Review and approve the policy with stakeholders.
Create a presentation on GRC and how it can be applied to your organization
In this activity, you will create a presentation on how GRC can be applied to your existing and/or future organization. Use a fictitious organization's name and make all information up.
  • Research GRC and its components.
  • Identify the applicable laws, regulations, and contractual obligations that your organization must comply with.
  • Develop a plan for implementing GRC in your organization.
  • Create a presentation on GRC and how it can be applied to your organization.
  • Deliver your presentation to your colleagues.

Career center

Learners who complete Information and Cyber Security Governance, Risk and Compliance (GRC) will develop knowledge and skills that may be useful to these careers:
Compliance Manager
Compliance Managers oversee the creation, implementation, and maintenance of an organization's compliance program. This course can help build a foundation in the fundamentals of compliance, including external obligations and meeting regulatory requirements. Additionally, it provides an understanding of governance and risk management, which are essential for success in this role.
IT Risk Analyst
IT Risk Analysts identify, assess, and mitigate risks to an organization's IT systems and data. This course provides a comprehensive overview of information security risk management, including risk identification, analysis, and mitigation strategies. It also covers governance and compliance, which are important considerations for IT Risk Analysts.
Information Security Auditor
Information Security Auditors evaluate an organization's information security program and controls to ensure compliance with regulatory requirements and best practices. This course provides a comprehensive understanding of information security governance, risk management, and compliance, which are critical for Information Security Auditors.
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization's information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. This course helps build a foundation in information security governance, risk management, and compliance, which are essential for success in this role.
Privacy Analyst
Privacy Analysts help organizations develop and implement privacy policies and procedures to protect personal data. This course can help build a foundation in the legal and regulatory landscape of privacy, as well as the principles and practices of data protection. It also covers governance and compliance, which are important considerations for Privacy Analysts.
IT Security Architect
IT Security Architects design and implement security solutions to protect an organization's information systems and data. This course provides a solid foundation in information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it covers key security concepts and principles.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. This course can help build a foundation in information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it provides an understanding of industry best practices and emerging security threats.
Cybersecurity Analyst
Cybersecurity Analysts monitor and analyze data to identify and respond to cybersecurity threats. This course provides a comprehensive overview of information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it covers key cybersecurity concepts and principles.
Risk Manager
Risk Managers identify, assess, and mitigate risks to an organization's operations. This course provides a comprehensive overview of risk management, including risk identification, analysis, and mitigation strategies. It also covers governance and compliance, which are important considerations for Risk Managers.
Information Security Manager
Information Security Managers oversee the development and implementation of an organization's information security program. This course can help build a foundation in information security governance, risk management, and compliance, which are essential for success in this role. Additionally, it provides an understanding of industry best practices and emerging security threats.
Compliance Officer
Compliance Officers ensure that an organization complies with applicable laws and regulations. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Compliance Officers.
Auditor
Auditors examine an organization's financial records and operations to ensure compliance with laws and regulations. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Auditors.
Risk Analyst
Risk Analysts identify, assess, and mitigate risks to an organization's operations. This course may be helpful in providing a broad understanding of risk management, which is an important consideration for Risk Analysts.
Business Analyst
Business Analysts analyze business needs and develop solutions to improve business processes. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Business Analysts. Additionally, it can help develop analytical and problem-solving skills.
Project Manager
Project Managers plan and execute projects to achieve specific goals and objectives. This course may be helpful in providing a broad understanding of governance, risk management, and compliance, which are important considerations for Project Managers. Additionally, it can help develop project planning and management skills.

Reading list

We've selected six books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Information and Cyber Security Governance, Risk and Compliance (GRC).
Provides a quick and easy reference to the ISO 27001 and ISO 27002 standards, which are foundational to information security GRC.

Similar courses

Here are nine courses similar to Information and Cyber Security Governance, Risk and Compliance (GRC).
Information and Cyber Security Literacy: Governance, Risk...
Information and Cyber Security GRC: Governance
Information and Cyber Security GRC: Compliance Assessment...
The GRC Approach to Managing Cybersecurity
Information Security Risk Management Program for CGRC
Cloud Computing Fundamentals: Governance, Risk,...
Continuous Monitoring for CGRC
Selection and Approval of Security and Privacy Controls...
Governance, Risk, and Compliance

© 2016 - 2024 OpenCourser