IT Governance, Risk & Compliance (IT GRC):
IT, being a highly critical and most important function of business in today’s global environment, businesses has transformed their operations using IT as an enabler. This is where Governance, Risk and Compliance becomes more important for any organization, irrespective of its size, domain and nature as alignment of IT is more critical for the accomplishing the business goals using transformation.
IT as an enabler to a business, is effective but also has its’ own weaknesses which might be the points of concern and compromise, possibly being exposed to potential risks having high impact on the business, if not properly addressed by deploying the controls / processes, in place.
The important domains under the IT GRC, as a strategic function of business are, as under:
- Information Security
- IT Security
- Application Security
- Secure Coding and S-SDLC
- Business Continuity & Disaster Recovery
- IT Service Management
- Legal & Regulatory Compliance
- Internal Controls
- Audits & Assessments