Why GRC is important to Insurance

June 4, 2009

Everytime I start to think I have a grasp on what’s going on in the data security and privacy space, I talk to someone who makes me realize how vast this world is and how much knowledge I have to gain.  I met with Chris and Chris, the founders of LockPath this morning and realized that the world of GRC is so massive, I’ve just begun to skim the top of the surface.  You may wonder why as an insurance producer I’m interested in GRC but it’s simple.  GRC is a great way to rate the potential risk of a business for an insurance underwriter.  

I use the example comparing the cost of insuring a brand new Ford Taurus vs. a 2005 Porsche Carerra 4.  An underwriter would never charge the same premium for these 2 cars becuase they understand how to qualify each risk.  In the case of Data Privacy Insurance, it isn’t as clear which business is the Taurus and which is the Porsche.  I’m hoping that we can use the principals of GRC to help underwriters quantify the data privacy risk of a given exposure.