GRC Case Study: Defense Contractor meets DFARS Compliance NIST 800-171

The DFARS compliance deadline went into effect at the end of 2017. Read this GRC case study to see how one defense contractor moved from manual spreadsheets to a centralized framework that fulfills regulatory initiatives beyond DFARS compliance NIST 800-171 without re-engineering.




Rsam & BitSight Technologies: Vendor Risk Management with a 360° View

If you manage vendor risk for a large organization, you may have up to a thousand or more vendors to assess on a regular basis. Knowing where to start can be daunting, but there is a solution. This is why Rsam has integrated BitSight Technologies Security Ratings into our Vendor Risk Management module.


Is Your Vendor Risk Management Program Negatively Impacting Compliance?

Vendor Risk Management program journeys often start with a breach traced to a vendor. It becomes a priority and your team receives the funding it needs to implement a vendor risk management program. If you’re in this situation now, the first thing to keep in mind is that you shouldn’t try to create your program in a vacuum.


Interview: Is Integrated Risk Management the New GRC?

As the scope of risk and compliance continues to grow, more silos have been created than ever before. In the face of this disparate information, traditional approaches to governance, risk and compliance (GRC) evolve into integrated risk management. Learn more about Integrated Risk Management. Includes Gartner Magic Quadrant links.

Integrated Risk Management | GRC | Eric Goldberg

The GDPR Fines & Deadline: 30 Days and Counting

Will you face GDPR fines if you miss the GDPR deadline? We're 30 days away from the GDPR compliance deadline. Fines are up to the greater of €20 million or 4 percent of your global annual revenue. Recommendations for meeting the GDPR deadline and avoiding fines.


Is a Compliance Risk Management Common Controls Framework a Myth?

A compliance risk management common controls framework is the ultimate goal for those using a governance, risk and compliance software platform. Whether your risk framework and controls need to account for HIPAA, SOX, ISO 27001/2, NIST 800-53, HITRUST CSF, or others, using GRC tools to have one risk management and compliance framework rule them all sounds like the "easy button".



Vendor Risk Management for Healthcare Case Study

Vendor Risk Management for Healthcare can be challenging. Read this case study to see how Independent Health leverages vendor risk management best practices and vendor risk management software to meet the demands. Link for case study.

Vendor Risk Management | GRC | Eric Goldberg