7.2. IT GRC Roles

To understand how IT GRC operates in large organizations, let's look at the typical roles of the IT Compliance Group and the IT Compliance Officer.

A business unit executive owns the business processes that deliver value to the organization. Similarly, the IT Compliance Group is usually responsible for ensuring that the company's IT processes, procedures, and systems comply with external regulatory mandates, industry requirements, and internal corporate policies. This team, often working with the Governance, Risk and Compliance (GRC) team described in Chapter 6, can advise the business unit executive about IT-related compliance issues, although it stops short of setting policy.

You need to know some terminology used ...
