Governance, risk and compliance concepts Flashcards
What does GRC stand for?
Governance, risk and compliance
What is Governance?
Rules and practices for a business to direct and control its activities
What is risk management?
Identifying, assessing and responding to threats that can impact a company
What is compliance?
Laws and regulations that a company must follow
Can be country/region based
What are the compliance concepts?
Data residency - countries have regulations to determine the physical location of data and how it can be transferred/processed/accessed
Data sovereignty - data collection/processing/handling adheres to the specific laws of the country/region it is in
Data Privacy - Being transparent about the handling of data and ensuring it is in line with legal standards