GRC: the conceptual demands and the reality of implementation.

• How is GRC defined?
• How is Cyber defined?
• The virtuous relationship between governance, risk and compliance.
• The complexity when factoring in cyber.

Case Study: examining and evaluating the key attributes of GRC. 

What makes Cyber both common and unique?

• Understanding the paradox of Cyber – its ease of use and difficulty to secure.
• The underlying complexity.
• Reliance on 3^rd
• Basic governance requirements.
• How best to assess and manage risks?
• Is our legislation a help or hindrance to cyber-security GRC?
• How can standards help?
• Creating and integrating policies, procedures and practices from strategy to crisis management.
• Achieving demonstrable compliance.

Case Study: designing the framework and identifying the necessary actions.

Managing the implementation outcomes of  Cyber-related GRC.

• A strategic approach.
• Preventative versus corrective approach to cyber governance.
• How Cyber exacerbates GRC weaknesses.
• Managing GRC failures.
• Promoting the good news.

Case Study: learning from a global cyber-related GRC failure.

Building on what we already have

• Cyber-related information flows – are we sharing what is relevant and comprehensible?
• Relationship with regulators – does legal compliance explicitly include Cyber?
• Making compliance truly useful to society.
• Creating a culture for sound Cyber GRC.

Case Study: reporting GRC internally and externally.

All delegates completing this course will receive a Certificate in Cybersecurity Governance, Risk and Compliance with 16 CPE/CPD credits.

Expert-led by a key member of the project team who developed the 2021 UK Cybersecurity Council, delegates will gain specialist knowledge that complements and builds on existing understanding of GRC through interactive discussion, case study exercises and some presentations on the concepts, issues and intended outcomes of GRC  – the ability to provide safe, secure and usable technology for use by the supply chain:

• Review of current GRC requirements
• Impact of cyber on how organisations operate
• What regulators want to see
• Consider the governance needed to provide cyber-related activity wisely
• How risk management helps improve governance and makes compliance easier to demonstrate
• Practical case studies of recent and historic cases

Delegates who complete the course will each receive a Certificate with CPE/CPD credits – and for those who may require an assessment as a demonstration of competency via training a 20 multiple choice Q&A, remotely invigilated, with results report and 1 resit, is included in the delegate price when reserved at time of booking.

Highly interactive expert-led intensive presentation, Q&A, group real-time in-depth case studies, regulation and discussion supported by key principles and theory. The virtual learning platform uses safe, industry preferred encrypted Cisco WebEx to optimize live face-to-face visual interaction, discrete chat, for polling and quizzes. (An invitation via email with access link is included for all participants.)