GRC Udemy

Question 1

Set of policies, rules, or practices that a company uses to achieve its business goals

Answer 1

Governance

Question 2

Potential for loss or harm to the IT infrastructure

Answer 2

Risk

Question 3

Adherence of organizations to laws regulations, standards, policies and guidelines

Answer 3

Compliance

Question 4

Structured way to align IT with business goals while managing risks and meeting all industry regulations

Answer 4

GRC

Question 5

GRC Disciplines. Name 3

Answer 5

-governance and oversight
-strategy and performance
-risk management
-compliance and ethics
-information security
-audit and assurance

Question 6

3 lines defense model

Answer 6

1. Business,
2. security and
3. internal audit

Governing body
Management
Internal audit

Question 7

Meet stakeholders needs by providing value.

Achieved through policy rules and practices

Answer 7

Governance

Question 8

Soc

Compliance framework

Answer 8

Service organizations control

Question 9

NIST Framework
5 cores

Answer 9

Identify
Protect
Detect
Respond
Recover

Question 10

Determines what exists, dangers involved and connect to company goal is what most core function?

Ex. Asset and risk management, governance

Answer 10

Identify

Question 11

Safeguarding assets and data. Access control and data encryption. Nist

Answer 11

Protect

Question 13

Safeguarding asset and data. Incident detection monitoring

Answer 13

Detect

Question 14

Mitigating impact of risk. Notify stakeholders and keep operations up

Answer 14

Respond

Question 15

Repair and restore, effective response

Answer 15

Recover

Question 16

Requirement for ISMS. 93 controls.

Answer 16

ISO 27001