An essential component of the iGRC information infrastructure protection system is the interoperability protocol (GRCiP).  This fundamental component enables 'sensor' products within the network security supply chain to interface and interact with information security management systems such as Proteus Enterprise.

An open standard to accelerate its permeation of information security related markets, it is intended that designers of network protection and monitoring software and devices will use it to include in their products an iGRC interface and supporting functions and features, as recommended in the standard.

The iGRC Consortium intends to retain design control of the standard so that it may be maintained as advised or required by industry professionals.

The GRCiP document is available in the Requirements Builder pack available via the 'Find Out More' page above. 

A wide range of sensors are involved such as:

- host based intrusion detection, vulnerability assessment, configuration and policy compliance

- database and web site logs, and file accesses

- hosts for penetration testing, email scanning, spam filters

- network intrusion detection and prevention, netflow, firewall/router/other network devices logs

- access and identity for successful or failed logins, new users, deleted users, privilege escalation, bio-metric identities

- web site vulnerability detection (cross site scripting, SQL injection etc), pages visited, referred from

- end-point monitoring such as permitted user activity, not permitted user activity, and data leakage monitoring

- USB usage monitoring and reporting

- anti-virus, anti-phishing, malware detection

- applications - most keep audit logs of activity, and

- others such as event and audit log collection for operating systems, infrastructure and applications