RSA Conference Insights: Trends in IT VRM, GRC and Data Privacy

Every year at the RSA Conference, we have the opportunity to exchange ideas with risk and security professionals. This year was no different, our team came back with a few takeaways from our conversations that can help you benchmark your own GRC and security plans against current trends..


Debunking Integrated Risk Management Assumptions: Part 1 – Ensuring User Participation and Using Existing Toolsets

When organizations first start formulating their integrated risk management implementation strategy and weighing various technology options, they are bound to make assumptions to support their business case and technology selection criteria. In this 3-part series we will depict common IRM assumptions and outline best practices to help your organization choose the right solution for your business case. Part 1 of the series examines first two IRM assumptions: user participation and utilizing existing toolsets..



Vacation Without A Business Continuity Plan?

How solid is your Business Continuity Plan? Do you even have one? Various threats such as hardware and software failures, cyberattacks, human error, and yes, natural disasters can take down your business. According to FEMA, 40% of businesses do not reopen after a natural disaster, another 25% fail within one year. Are you prepared? We’ve identified 5 basic steps to building a Business Continuity Plan to ensure you are..


GRC Case Study: Defense Contractor meets DFARS Compliance NIST 800-171

The DFARS compliance deadline went into effect at the end of 2017. Read this GRC case study to see how one defense contractor moved from manual spreadsheets to a centralized framework that fulfills regulatory initiatives beyond DFARS compliance NIST 800-171 without re-engineering.



Interview: Is Integrated Risk Management the New GRC?

As the scope of risk and compliance continues to grow, more silos have been created than ever before.  In the face of this disparate information, traditional approaches to governance, risk and compliance (GRC) evolve into integrated risk management.  Learn more about Integrated Risk Management. Gartner Magic Quadrant links..

Integrated Risk Management| GRC| Eric Goldberg| Read more

The GDPR Fines & Deadline: 30 Days and Counting

Will you face GDPR fines if you miss the GDPR Deadline? We're 30 days away from the GDPR compliance deadline. Fines are up to the greater of €20 million or 4 percent of your global annual revenue. Recommendations for meeting GDPR deadline and avoiding fines..


Is a Compliance Risk Management Common Controls Framework a Myth?

A compliance risk management common controls framework is the ultimate goal for those using a governance risk and compliance software platform. Whether you’re risk framework and controls need to account for HIPAA, SOX, ISO 27001/2, NIST 800-53, HISTRUST CSF, or other. Using GRC tools to have one risk management and compliance framework rule them all sounds like the "easy button".