The DFARS compliance deadline went into effect at the end of 2017. Read this GRC case study to see how one defense contractor moved from manual spreadsheets to a centralized framework that fulfills regulatory initiatives beyond DFARS compliance NIST 800-171 without re-engineering.
Third Party Risk Management TPRM cannot survive and thrive on its own—it takes enterprise-wide effort and support to get it right. Read these 5 stages that will increase your chances for success..
It truly is the million-dollar question for information security management and business professionals alike. It’s one of the most important questions to answer precisely because it is so hard to answer.
If you’re managing vendor risk management for a large organization, you may have up to a thousand or more vendors to assess on a regular basis. Knowing where to start can be daunting, but there is a solution. This is why Rsam has integrated BitSight Technologies Security Ratings into our Vendor Risk Management module..
Vendor Risk Management program journeys often start with a breach traced to a vendor. It becomes a priority and your team receives the funding it needs to implement a vendor risk management program. If you’re in this situation now, the first thing to keep in mind is you shouldn’t try to create your program in a vacuum..
As the scope of risk and compliance continues to grow, more silos have been created than ever before. In the face of this disparate information, traditional approaches to governance, risk and compliance (GRC) evolve into integrated risk management. Learn more about Integrated Risk Management. Gartner Magic Quadrant links..
Will you face GDPR fines if you miss the GDPR Deadline? We're 30 days away from the GDPR compliance deadline. Fines are up to the greater of €20 million or 4 percent of your global annual revenue. Recommendations for meeting GDPR deadline and avoiding fines..
A compliance risk management common controls framework is the ultimate goal for those using a governance risk and compliance software platform. Whether you’re risk framework and controls need to account for HIPAA, SOX, ISO 27001/2, NIST 800-53, HISTRUST CSF, or other. Using GRC tools to have one risk management and compliance framework rule them all sounds like the "easy button".
Still managing IT Risk Management spreadsheets for Healthcare compliance. Stop Using Spreadsheets for GRC. IT Risk management and compliance is driven by mandates, and you’re working too hard to meet those mandates if you’re still working in spreadsheets..
Vendor Risk Management for Healthcare can be challenging. Read this case study to see how Independent Health leverages vendor risk management best practices and vendor risk management software to meet the demands. Link for case study..