Cyber GRC Ideas Portal
Ask - Segregation of risks, corresponding risk assessment plans, risk assessments, issues/actions between Cyber Risk and Business Risk. In customer words - separate the data visibility between RIC and CYS.
Use Case -
There are two teams in Siemens Energy RIC (Business GRC) and Cyber Risk.
Both the teams create respectively Enterprise risks and Cyber risks. The Owner organisation of both the risks could be at the same org hierarchy.
