Tag: Risk
-
Incident Response Plan – IRP
Introduction An incident response plan (IRP) is your team’s playbook for how to respond to security incidents. It should be a living document that’s constantly updated and tested, and it should include both instructions on how to detect an incident, as well as what happens after one occurs. What is an Incident Response Plan (IRP)?…
-
Information Security Governance – Constraints
Introduction There are many different security policy constraints to consider when defining and implementing information security policies. The most important ones are legal requirements and regulatory requirements, physical constraints, and organizational structure. In this article, we will summarize these constraints and discuss their impact on developing an effective information security governance framework. Legal and regulatory…
-
Business Recovery Processes
Introduction Business recovery is the process of bringing your business back online in the aftermath of a disaster. Disaster recovery can happen quickly, but it usually takes longer than expected. It’s important to have a plan in place to recover from any disruption so that you can continue operating with minimum disruption and maximum efficiency.…
-
My Governance, Riks, and Compliance Journey
I’m Won, and this is my journey. I am sharing my story of how I learned governance, risk, and compliance (GRC) in an easy-to-understand format. I hope that by sharing my journey, I can help others learn GRC and make their lives easier. I don’t take credit for anything written here. This is merely a…
Governance Risk and Compliance 