asked on Governance, Risk, and Compliance (GRC)
GRC EXpertsssssssssssssss
what can be the best way to start with it, please suggest good material.
do isaca's CRISC framework cover it all.
what else frameworks available
what can be the best way to start with it, please suggest good material.
do isaca's CRISC framework cover it all.
what else frameworks available
OS SecuritySecurityIT AdministrationNetwork Security
Last Comment
osloboy
nothing beats to having a quick overview from wiki
http://en.wikipedia.org/wiki/Governance,_risk_management,_and_compliance
Good resource in http://www.grc-resource.com/?page_id=14
Actually CRISC (certification) is more towards risk mgmt which ISACA coined the RiskIT. But GRC is a family of IT goverance, Risk and Compliance which ISACA is mapping certification to CGEIT and CRISC respectively. the below is of interest. Coming back ISACA can be a good start as well
Security, Control and Assurance
http://www.itgi.org/template_ITGI3c16.html?Section=Security,_Control_and_Assurance&Template=/TaggedPage/TaggedPageDisplay.cfm&TPLID=60&ContentID=10609
Risk Mgmt
http://www.itgi.org/template_ITGI366f.html?Section=Risk_Management1&Template=/TaggedPage/TaggedPageDisplay.cfm&TPLID=60&ContentID=10652
http://en.wikipedia.org/wiki/Governance,_risk_management,_and_compliance
Good resource in http://www.grc-resource.com/?page_id=14
Actually CRISC (certification) is more towards risk mgmt which ISACA coined the RiskIT. But GRC is a family of IT goverance, Risk and Compliance which ISACA is mapping certification to CGEIT and CRISC respectively. the below is of interest. Coming back ISACA can be a good start as well
Security, Control and Assurance
http://www.itgi.org/template_ITGI3c16.html?Section=Security,_Control_and_Assurance&Template=/TaggedPage/TaggedPageDisplay.cfm&TPLID=60&ContentID=10609
Risk Mgmt
http://www.itgi.org/template_ITGI366f.html?Section=Risk_Management1&Template=/TaggedPage/TaggedPageDisplay.cfm&TPLID=60&ContentID=10652
ASKER
do CGEIT cover GRC in details or its just another COBIT thing
This would explain..the principle is same and cobit highlight the control. But overall I see there must be some sort of applied framework and not about theory.
http://www.isaca.org/Certification/CGEIT-Certified-in-the-Governance-of-Enterprise-IT/Prepare-for-the-Exam/Mappin-to-COBIT/Pages/default.aspx
http://www.isaca.org/Certification/CGEIT-Certified-in-the-Governance-of-Enterprise-IT/Prepare-for-the-Exam/Mappin-to-COBIT/Pages/default.aspx
ASKER
thanks,
it seems to be more towards Governance and Risk not much about compliance.
one more thing, now its time for Unified compliance, there is no word of it in CGEIT
is there any other body which offers GRC certification and well recognized?
it seems to be more towards Governance and Risk not much about compliance.
one more thing, now its time for Unified compliance, there is no word of it in CGEIT
is there any other body which offers GRC certification and well recognized?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Excellent, thanks
In this links are the MOF basic informations about GRC
http://technet.microsoft.com/en-us/library/cc531019.aspx