Integrated governance, risk and compliance (iGRC) approach

Integrated governance, risk and compliance (iGRC)
Download Integrated governance, risk and compliance (iGRC) approach.

The wide array of complex and overlapping Federal laws and regulations related to the protection of financial information and systems poses a number of challenges to the USSS and EFS Branches. A number of laws have been implemented to protect the confidentiality, integrity, and availability of the sensitive information resources that support Federal operations and assets, including financial systems and data.

The USSS and other Federal agencies continue to be challenged by this array of applicable laws and regulations, particularly as they relate to developing, implementing, maintaining, and enforcing consistent financial policies and procedures.The effort required to achieve compliance with applicable laws and regulations may lead to assessment fatigue, duplicative data, gaps in risk activities, overlapping efforts, inconsistent processes, and unclear roles and responsibilities.

The purpose of this PwC paper is to present an approach for assisting with the automation of internal management controls over business processes, application security, and technical infrastructure security.