This course is for people who need to gain the relevant practical, hands-on experience to apply for a role in GRC, for example in compliance management.
The course is divided into two sections as follows:
SECTION 1 - Fundamentals
Understand the principles of governance, risk management, and compliance (GRC).
Identify and assess risks to an organization's compliance with regulations and standards.
Develop and implement a compliance management program.
Monitor and evaluate the effectiveness of the compliance management program.
Course Outline
Module 1: Introduction to GRC
What is GRC?
The importance of GRC
The benefits of GRC
The challenges of GRC
Module 2: Risk Management
What is risk management?
The risk management process
Identifying risks
Assessing risks
Treating risks
Module 3: Compliance Management
What is compliance management?
The compliance management process
Identifying regulations and standards
Assessing compliance risks
Developing and implementing a compliance program
Module 4: Monitoring and Evaluation
Monitoring compliance
Evaluating the effectiveness of the compliance program
Continuous improvement
SECTION 2 - PRACTICAL HANDS-ON ACTIVITIES
Students will be introduced to a real, live platform environment that allows them to practice all of the GRC activities below and develop their practical experience. This consists of approximately 10 hours of guided lab exercises.
1. Compliance Management - Learn how to certify and manage an ISO 27001, PCI-DSS, NIST, SOC2, etc. program
2. Risk Management - Learn how to implement Asset, Third Party and Business Risk Management
3. Data Protection Program - Learn how to implement and operate a data protection program
4. Internal Controls & Audits - Record your internal controls and their audit records
5. Policy Management - Record your policies, procedures, standards, etc., and manage their reviews
6. Incident Management - Record and manage the security incident lifecycle in one place
7. Asset Management - Define and review assets primarily used in Risks and Data Protection programs
8. Project Management - Manage proactive and reactive improvements to your GRC program
9. Exception Management - Record and manage the lifecycle of risk, compliance and policy exceptions
10. Business Continuity Plans