A good cyber governance, risk and compliance (GRC) programme is fundamental to securing the business-critical assets of an organisation. GRC includes the management of cyber risks so that an organisation can achieve its security and compliance objectives.
Notwithstanding existing regulations and compliance, the new UK Telecommunications (Security) Bill introduced at the end of 2020 intends to boost the security standards of the UK’s telecoms networks, which will now be monitored by Ofcom. Telecoms companies in the UK must follow tougher security rules or face fines of up to 10% of turnover, up to £100,000 per day.
QA's range of GRC courses includes the popular CISM, CISMP, CISA and CRISC certifications, the ISO/IEC 27001 and ISO/IEC 22301 Lead Implementer and Auditor qualifications, EC-Council's CCISO programme, IAPP's Certified Information Security Manager and Auditor qualifications, and the NIST NCSP certifications.