Dear Colleagues,
I would add that before attempting to implement Governance, Risk and Compliance you should choose a proven framework standard. There is not point in wasting time, money and resources on reinventing something that already exists. Feel free to check out a presentation that I created explaining how ISO 27001 ISMS will help establish a clear Governance, Risk and Compliance program.
Link; http://www.slideshare.net/markb677/isms-iso-27001governanceriskcompliancegrcv01r1draft
Sincerely,
Mark.
