What is GRC?
Governance, risk management and compliance (GRC) is the term covering an organization's approach across these three practices: governance, risk management, and compliance. The first scholarly research on GRC was published in 2007 by Scott L. Mitchell, Founder and Chair of OCEGwhere GRC was formally defined as "the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity." The research referred to common "keep the company on track" activities conducted in departments such as internal audit, compliance, risk, legal, finance, IT, HR as well as the lines of business, executive suite and the board itself.
UK International Data Transfer Agreement
On 2 February 2022, the Information Commissioner’s Office (ICO) laid before Parliament changes around restricted international personal data transfers. The international data transfer agreement…
There is nothing straightforward or simple about responding to a data subject access request (DSAR). Whilst responding to DSARs can be onerous and time-consuming, you cannot take any shortcuts.