In active development

The GRC Dictionary

The same word means different things in different frameworks. The Dictionary will define core GRC terms in plain English, then show how each maps across ISO 27001, the ISM, the Essential Eight, NIST CSF, and SOC 2.

What's coming

  • 60+ entries: control, risk, residual risk, attestation, assurance, drift
  • Plain-English definition first, then framework-specific framings
  • Cross-references where terms diverge meaningfully
  • Searchable, with related-term suggestions