Every year at the RSA Conference, we have the opportunity to exchange ideas with risk and security professionals. This year was no different, our team came back with a few takeaways from our conversations that can help you benchmark your own GRC and security plans against current trends..
When organizations first start formulating their integrated risk management implementation strategy and weighing various technology options, they are bound to make assumptions to support their business case and technology selection criteria. In this 3-part series we will depict common IRM assumptions and outline best practices to help your organization choose the right solution for your business case. Part 1 of the series examines first two IRM assumptions: user participation and utilizing existing toolsets..
Rsam sat down with Michael Rasmussen of GRC 20/20 to discuss making a GRC RFP template and creating a business case for GRC Technology..
How solid is your Business Continuity Plan? Do you even have one? Various threats such as hardware and software failures, cyberattacks, human error, and yes, natural disasters can take down your business. According to FEMA, 40% of businesses do not reopen after a natural disaster, another 25% fail within one year. Are you prepared? We’ve identified 5 basic steps to building a Business Continuity Plan to ensure you are..
The DFARS compliance deadline went into effect at the end of 2017. Read this GRC case study to see how one defense contractor moved from manual spreadsheets to a centralized framework that fulfills regulatory initiatives beyond DFARS compliance NIST 800-171 without re-engineering.
It truly is the million-dollar question for information security management and business professionals alike. It’s one of the most important questions to answer precisely because it is so hard to answer.
As the scope of risk and compliance continues to grow, more silos have been created than ever before. In the face of this disparate information, traditional approaches to governance, risk and compliance (GRC) evolve into integrated risk management. Learn more about Integrated Risk Management. Gartner Magic Quadrant links..
Will you face GDPR fines if you miss the GDPR Deadline? We're 30 days away from the GDPR compliance deadline. Fines are up to the greater of €20 million or 4 percent of your global annual revenue. Recommendations for meeting GDPR deadline and avoiding fines..
A compliance risk management common controls framework is the ultimate goal for those using a governance risk and compliance software platform. Whether you’re risk framework and controls need to account for HIPAA, SOX, ISO 27001/2, NIST 800-53, HISTRUST CSF, or other. Using GRC tools to have one risk management and compliance framework rule them all sounds like the "easy button".
Still managing IT Risk Management spreadsheets for Healthcare compliance. Stop Using Spreadsheets for GRC. IT Risk management and compliance is driven by mandates, and you’re working too hard to meet those mandates if you’re still working in spreadsheets..