Cloud 101CircleEventsBlog
CAIQ Lite is now accepted into the STAR Registry! Showcase your cloud security readiness with a simplified assessment. Learn more today!

Download Publication

Information Technology Governance, Risk and Compliance in Healthcare
Information Technology Governance, Risk and Compliance in Healthcare

Information Technology Governance, Risk and Compliance in Healthcare

Release Date: 10/15/2021

Information Technology (IT) Governance, Risk, and Compliance (GRC), are three words that have a significant impact on organizations. While each term seems straightforward, putting them together brings up a concept that is hard to understand and even harder to implement. Overall, GRC is the policies and procedures that manage the organization's process for aligning the management and control of information with business objectives, the organization's risk tolerance, and how they comply with regulations and manage risk. Defining each and then integrating them into one program gives the organization a structured process to ensure IT supports business objectives while managing risk and compliance. This paper will show how to create a program for each and then integrate them into one cohesive and effective program.

This is an old version of this publication. Find the most recent version here.
Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
Related resources
AI in Medical Research: Applications & Considerations
AI in Medical Research: Applications & Consider...
Zero Trust Guiding Principles v1.1
Zero Trust Guiding Principles v1.1
Strengthening Research Integrity with High-Performance Computing (HPC) Security
Strengthening Research Integrity with High-Perf...
Healthcare & Cybersecurity: Navigating a Vast Attack Surface
Healthcare & Cybersecurity: Navigating a Vast Attack Surface
Published: 10/08/2024
Cybersecurity Risk Mitigation Recommendations for 2024-2025
Cybersecurity Risk Mitigation Recommendations for 2024-2025
Published: 10/08/2024
Why You Should Have a Whistleblower Policy for AI
Why You Should Have a Whistleblower Policy for AI
Published: 10/07/2024
How to Maximize Alignment Between Security and Compliance Teams
How to Maximize Alignment Between Security and Compliance Teams
Published: 10/04/2024

Acknowledgements

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional

Michael Roza

Risk, Audit, Control and Compliance Professional

Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...

Read more

Alex Kaluza
Alex Kaluza
Research Analyst, CSA

Alex Kaluza

Research Analyst, CSA

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training