GRC, GDPR, SBP, PCI-DSS

Teacher admin
Categories Cyber Security, Programs
Students 0 (Registered)
Review

(0 Review)

Jan

GRC

This course examines the role of Governance, Risk Management, and Compliance (GRC) as part of the Cybersecurity management process, including key functions of planning, policies, and the administration of technologies to support the protection of critical information assets.

Course Outline

Classification of Risks
Main types of risk classes that banks face and have to cope with Salient characteristics of the main risk classes
Fundamental concepts of each of the risk classes
Introduction to ERM and its Frameworks
Benefits and value of ERM deployment in and across an entity
Key concepts of Enterprise Risk Management (ERM)
Steps necessary to quantify ERM
ERM frameworks
Regulatory Landscape
Major trends in the global regulatory landscape
Key regulations that impact (transnational) finance institutions
Key characteristics of the more recently announced holistic regulatory changes and new legislature
Governance, Risk and Compliance – Demystified
Overview of ‘governance’, ‘risk’ and ‘compliance’ (i.e., GRC)
Principles and benefits associated to governance, risk and compliance
GRC integrated approaches and their key enablers
COSO and CobiT in Support of GRC Needs
Key concepts to the COSO and CobiT frameworks for enterprise risk management
Methods and capabilities defined by both, COSO and CobiT.
Operational Risk Management – Primer
The driving factors behind operational risk management
Basel II approaches and key constructs for operational risk
High level methods and capabilities of a staged implementation for operational risk

GRC – Case Study

Selective best practices from COSO, CobiT and Basel II operational risk management
Advantages and limitation of certain aspects of ERM frameworks
Regulatory expectations on listed companies in developed and leading countries
Building an effective, holistic governance, risk and compliance model across an organization

Course Delivery

The course will be delivered through a combination of lectures, discussions, case studies, and practical exercises. Course materials, including readings, slides, and handouts, will be made available through an online learning management system. The course will be offered over a period of 12 weeks, with 2-3 hours of study per week

Assessment:

Assessment will be based on participation in discussions, completion of practical exercises, and a final project that will require students to develop a GRC model for a hypothetical organization.