
Building a mature (and effective) GRC program: A checklist


In May 2024, members of the CyberRisk Collaborative organized a task force to address the complexities faced by CISOs in implementing and maturing GRC programs. This task force aimed to develop a shared understanding of GRC, create a framework for a mature GRC program, and provide practical steps and tools for organizations at various stages of their GRC journey.

In the task force, members created a cohesive and comprehensive definition of GRC, discussed their experiences, challenges, and best practices in organization and administration, and developed guidance on how to enhance their programs. This document aims to help organizations, regardless of size, industry, or maturity level, in building or benchmarking their GRC functions.

What follows is an excerpt from the full report, which is available to members of the collaborative.
