For many IT leaders, Governance, Risk and Compliance (GRC) is a constant challenge. Organisations often react to individual requirements as they occur and create ever more complex, stand-alone and unwieldy processes to meet each requirement. Morland-Austin has invested the time in understanding the holistic view, which allows the creation of simple processes that meet all the IT GRC requirements and standards.

Morland-Austin’s IT GRC framework links all the key IT frameworks, best practices and standards into a single solution, allowing IT management to understand and implement in a strategic and holistic manner. Our IT GRC framework provides an integrated solution highlighting the links and interdependencies between the key IT GRC frameworks, best practices and standards which deliver all the core IT regulatory and compliance requirements.

Find out more by using our IT GRC framework diagram

Using the diagram below, the overall IT GRC framework can be viewed at its macro level to show how each element fits together or, by clicking on each relevant hotlink, users can drill down into each area to gain more insight into the processes and standards.

Explore the world of IT GRC

Use the ‘What's your starting point?’ drop-down menu to explore the many topics, processes and standards within the IT GRC domain.

[Diagram: IT GRC framework. Areas shown: IT Governance Management; IT Risk Management; IT Compliance Management; Information Security Management Systems (ISO 27002 Standards); Service Management (ITIL v3); Programme Project Management Office (PMO).]