CONTINUOUS GOVERNANCE, RISK AND COMPLIANCE MANAGEMENT

摘要

A method for managing Governance, Risk and Compliance (GRC) within an integrated framework includes inventorying assets and relationships with business components of an organization structure (101), determining risk and compliance indexes for at least each asset and business component (102), evaluating the risk and compliance indexes for GRC decisions (103), and determining and managing a treatment process based on an evaluation of the risk and compliance indexes (104).