Description
This course is for people who need to develop and gain the relevant practical hands-on experiences to apply for a role in GRC. For example compliance management. The course is divided into two sections as follows: SECTION 1-FundamentalsUnderstand the principles of governance, risk management, and compliance (GRC). Identify and assess risks to an organization's compliance with regulations and standards. Develop and implement a compliance management program. Monitor and evaluate the effectiveness of the compliance management program. Course OutlineModule 1: Introduction to GRCWhat is GRC?The importance of GRCThe benefits of GRCThe challenges of GRCModule 2: Risk ManagementWhat is risk management?The risk management processIdentifying risksAssessing risksTreating risksModule 3: Compliance ManagementWhat is compliance management?The compliance management processIdentifying regulations and standardsAssessing compliance risksDeveloping and implementing a compliance programModule 4: Monitoring and EvaluationMonitoring complianceEvaluating the effectiveness of the compliance programContinuous improvementSECTION 2-PRACTICAL HANDS-ON ACTIVITIESStudent will be introduced to a real-live platform environment that will allow them to practice all of the below GRC activities to develop their practical experience. This consists of approximately 10 hours of lab guided exercises.1. -Compliance Management- Learn how to certify and manage a ISO 27001, PCI-DSS, NIST, SOC2, etc. program2. -Risk Management-Learn how to implement Asset, Third Party and Business Risk Management3. -Data Protection Program-Learn how to implement ad operate a data protection program4. -Internal Controls & Audits- Record your internal controls and their audit records5. -Policy Management- record your policies, procedures, standards etc., and manage their reviews6. -Incident Management- Record and manage security incidents lifecycle in one place7. -Asset Management- Define and review assets primarily used in Risks and Data Protection programs8. -Project Management- Manage proactive and reactive improvements to your GRC program9. -Exception Management- Record and manage risks, compliance and policy exceptions lifecycle10. -Business Continuity Plans
