In this report we explore the growing integration of GRC and cyber risk, and consider how to develop solutions to enable the governance, control, quantification and analysis of a firm’s cyber risk exposure. We also describe the functional and technical requirements of an effective integrated solution, and in particular how operational issues can be managed and monitored using real-time embedded analytics and dashboarding.