Frequently Asked Questions about Governance, Risk, and Compliance (GRC) Systems
Tips and advice from EDUCAUSE colleagues as of January 2012.Last reviewed by the IT GRC Advisory Committee and the HEISC GRC Working Group: June 2016
What is a Governance, Risk, and Compliance (GRC) system?
...
- California State University System - Lead: Cheryl WashingtonSystem
- Indiana University System - Lead: Merri Beth Lavagnino
- Penn State - Leads: Sarah Morrow and Jenn Stewart
- University of Florida - Lead: Kathy Bergsma
- University of Maryland University College - Lead: Chrisan Herrod
Web Resources and Articles
Higher Education Resources:
- EDUCAUSE IT GRC Initiative
- ECAR Report on IT GRC in Higher Education (ECAR subscription required to access)
- The Economics of an IT Governance, Risk, and Compliance Solution - A presentation delivered by Chrisan Herrod (AVP/Chief Information Security Officer, University of Maryland) at the EDUCAUSE Mid-Atlantic Regional Conference 2012.
- Governance, Risk, and Compliance Systems in Higher Education - A presentation delivered by Merri Beth Lavagnino, Sarah Morrow, Jennifer Stewart, and Cheryl Washington at the Security Professionals Conference 2012.
IT GRC:
- http://www.metricstream.com/solutions/it_grc.htm - second paragraph lists things you do with such a tool. Choose the sub-menu items on the left to browse through more detail on what you could use a tool for in this area.
- http://www.brinqa.com/products/overview/ - the top part of this description shows more general Enterprise GRC uses, but then it pulls out at the bottom the types of IT-GRC tools it contains. Might help with understanding that it's really the same tools/modules, just that you can configure them to do IT things for you, or broader enterprise things for you.
- http://www.modulo.com/it-grc-free-webinar - take a look at a webinar or two that are about your particular interest.
Risk Management Focus:
Enterprise Compliance Focus:
...
Additional Resources
- MetricStream IT GRC Software Solutions - scroll down to see a list of benefits
- Brinqa - provides a visual overview of their solutions
- Modulo - shows the solutions and differentiators
- SC Magazine Policy and Risk Management Group Test
...
Questions or comments? 
Contact us.
...