Mastering Governance, Risk, and Compliance (GRC): A Handbook
Course Overview
Course Description
Video Overview (3:10)
Introduction
GRC Essentials - A Risk Manager’s playbook to IT Security Governance, Risk and Compliance (3:10)
Course Objectives (2:49)
Course Audience (1:20)
Before we take off - Some Ground Rules (3:43)
Fair Disclaimer (0:54)
Some _Not So Fun_ Facts about Cybersecurity (1:05)
Module 1: What is Governance Risk and Compliance - Quite Literally
Why This Module (1:32)
What is Governance - Part 1 (3:11)
What is Governance - Part 2 (8:53)
What is Risk (7:47)
What is Compliance (2:51)
Risk Analyst and Risk Manager (4:51)
Quick Exercise (1:16)
Extension Fun Fact (0:43)
Module 1 Quiz
Module 2 : The Three Lines of Defense
History and Relevance (1:40)
First Line (Part 1) (4:52)
First Line (Part 2) (1:34)
Second Line (3:16)
Third Line (2:20)
How does this help (2:21)
Things to unlearn - One Size Fits All (0:26)
Module 3 : Step 1 Information Gathering-Understand the Organization Risk Universe
Recap & Back to problem statement (1:29)
Map your Information Security risk universe for ABC Inc (5:28)
Infrastructure - Compute & Workstation (4:04)
Business Applications (3:37)
Third Parties (2:06)
End Users (1:39)
Physical Perimeter (0:56)
Revenue Stream - Client Services and Products (1:43)
Outcome (3:22)
Things to Unlearn - Start with Risks and not Controls (1:47)
Module 3 Quiz
Module 4 : Step 2: Drafting Inherent Risks
What is Inherent Risk (4:16)
How to identify Inherent Risks (4:17)
Time for templates! (1:50)
Drafting Inherent Risks - Infrastructure - Compute - Part 1 (9:53)
Drafting Inherent Risks - Infrastructure - Compute - Part 2 (6:26)
Drafting Inherent Risks – Infrastructure – Workstations (2:23)
Drafting Inherent Risks - Business Applications - Part 1 (4:47)
Drafting Inherent Risks - Business Applications - Part 2 (3:43)
Drafting Inherent Risks - Third Parties (5:31)
Drafting Inherent Risks - End Users (3:57)
Drafting Inherent Risks - Physical Perimeter (3:26)
Drafting Inherent Risks - Revenue Stream - Client Service or Products (2:29)
A quick pressure test with ISO 27001 (3:39)
Module 4 Quiz
Module 5 : Step 3: Mapping the Lines of Defense - Roles and Responsibilities
Mapping the First Line - Part 1 (4:21)
Mapping the First Line - Part 2 (2:25)
Mapping the Second Line (2:49)
Mapping the Third Line (2:26)
Module 6 : Step 4 : Existing Controls Environment
A Much Needed Recap (2:01)
Existing Policies, Mitigations and Controls - Part 1 (5:29)
Existing Policies, Mitigations and Controls – Part 2 (3:00)
Key points to identify existing mitigations (2:08)
Module 6 Quiz
Module 7 : Step 5 : Residual Risk
What is Residual Risk (1:57)
Things to Unlearn - There is no -- No Risk (1:29)
Module 8 : Follow Through
Remediation & Oversight (2:30)
Management Reporting - Strategic vs Operational (1:42)
Module 9 : Bringing it all Together
End to End Framework (3:18)
Module 10 : GRC Tools
GRC Tools (2:51)
GRC Tools Demo (4:33)
Module 11 : IT Auditing : The Third Line of Defense
What is an Audit (3:06)
Internal Audits (2:16)
External Audits - Regulatory Certifications Attestations (4:26)
Module 12 : Course Conclusion
Checking in on our course objectives (3:21)
Go Risk Analysts & Managers! (1:25)
Master Quiz -1
Master Quiz -2
Audio Version of Training
Audio Download
Drafting Inherent Risks - Business Applications - Part 1