BCM vs. Risk Management

15 pts.
Tags:
grc
Risk management
While introducing GRC, all the risks are taken in to consideration & countermeasures are defined, why we need BCM separately?

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • SNKulkarni
    GRC includes what the risk is and how it can be mitigated (Qualitative or Quantitative method). 

    But, One important goal of BCM is to develop plans, alternatives which can be used if the something goes wrong. Key terms: Maximum Tolerable Downtime (MTD), Recovery Time, etc. 

     
    60 pointsBadges:
    report
  • SanjayBirari
    Thanks.

    Developing plans, alternatives which can be used if the something goes wrong... is this not a mitigation?

    15 pointsBadges:
    report
  • Kevin Beaver
    I would think that it would all be under the same umbrella of (information) risk management. Not unlike all the "cyber security" nonsense, this is often a case of people trying to brand - and re-brand - functions/services for their own purposes...in the end, in most situations, it's all the same.
    23,095 pointsBadges:
    report
  • Jaideep Khanduja
    I would call GRC as a subset of BCM.
    14,785 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: