Governance, Risk, and Compliance before GRC
The idea of GRC (Governance, Risk Management, and Compliance), has been fundamentally integrated into the idea of how a business should be run for centuries. While it hadn’t been officially acknowledged as a solution with a name, it was in implementation on every level across every business. Any policy, government law, regulation, company code of conduct, and business risk fits into the umbrella of a GRC strategy even if it was never referred to as such. Well before the dawn of the digital age, bookkeeping, company rules, and calculating risks in business were standard needs to properly and efficiently scale an organization. As technologies and the size of the market grew, the need to have GRC as a tool in the marketplace was introduced in 2002 by Forrester, in the wake of multiple disasters that rocked the foundation of the world as we knew it.
*** This is a Security Bloggers Network syndicated blog from CyberSaint Blog authored by Justin Peacock. Read the original post at: https://www.cybersaint.io/blog/what-is-grc
Click her for the original source of this story.