The relationship between governance, risk and compliance


The In Focus mini-series examines more closely issues and topics of importance to federal agencies and contractors. Each month, Federal News Radio speaks with key stakeholders to better understand challenges and opportunities. This month focuses on Governance, Risk and Compliance.

Governance, risk and compliance (GRC) go hand-in-hand. Risk is understanding uncertainty. Compliance focuses on adhering to policies and regulations, micro and macro. Governance is key for stakeholders who put the whole operation of compliance into processes and practices. An age-old struggle is figuring out how fine-grained GRC gets with different agencies. Ultimately we need to know where risk might cause impacts, and where risk management can have the most leverage. It can highlight opportunities and prevent wasted effort. Risk management helps prioritize controls, compliance activities, and where you make investments. Threats and vulnerabilities are fundamental building blocks of risk management. To deal with traditional legacy systems, agencies need to put together a business case that incorporates risk-reward calculations for informed decisions on whether to modernize or build new.

Host


Tom Temin, Federal News Radio

Tom Temin has been the host of the Federal Drive since 2006. Tom has been reporting on and providing insight to technology markets for more than 30 years. Prior to joining Federal News Radio, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.

Guest

Ilanko Subramaniam, GRC Practice Leader, CISSP, CISM, Optiv

Ilanko is a Principal and leads the GRC Practice for Optiv Security, focused on delivering risk and compliance services and platform implementation to support Fortune 500 organizations.

Previously, Ilanko was the Senior Strategist at Microsoft, where he managed the Enterprise Risk Management program. Ilanko has also worked with KPMG and led several critical projects across public and private sectors. He has earned multiple degrees and certifications and is an adjunct instructor at the University of Washington.
