Governance, risk management, and compliance (GRC) have become buzzwords since the passage of legislation like the Sarbanes-Oxley Act. But what exactly do they mean? And how should companies promote their effective use? A white paper from The Compliance Consortium, a year-old international group working to create GRC best practices, answers these questions. In the paper the group defines seven operational concerns, from establishing policies, procedures, and controls to implementing continuing process improvement. It also provides a dozen questions for board members and senior managers to consider.
@ Governance, Risk Management, and Compliance: An Operational Approach is at SM Online.
| Attachment | Size |
|---|---|
| compliance_consortium0805.pdf [2] | 187.34 KB |
Security Management is the award-winning publication of ASIS International, the preeminent international
organization for security professionals, with more than 35,000 members worldwide.
ASIS International, Inc. Worldwide Headquarters USA, 1625 Prince Street, Alexandria, Virginia 22314-2818
703-519-6200 | fax 703-519-6299 | www.asisonline.org
Copyright © 2008, Security Management
Powered by: Phase2 TechnologyLinks:
[1] http://www.securitymanagement.com/magazine/2005/08
[2] http://www.securitymanagement.com/sites/securitymanagement.com/files/compliance_consortium0805_0.pdf
Comments