Every year at the RSA Conference, we have the opportunity to exchange ideas with risk and security professionals. This year was no different: our team came back with a few takeaways from our conversations that can help you benchmark your own GRC and security plans against current trends.
The final part of this 3-part blog series explores integrated risk management assumptions and misconceptions around implementation on-premises vs. in the cloud.
When organizations first start formulating their integrated risk management implementation strategy and weighing various technology options, they are bound to make assumptions to support their business case and technology selection criteria. In this 3-part series we will depict common IRM assumptions and outline best practices to help your organization choose the right solution for your business case. Part 1 of the series examines the first two IRM assumptions: user participation and utilizing existing toolsets.
Rsam sat down with Michael Rasmussen of GRC 20/20 to discuss making a GRC RFP template and creating a business case for GRC Technology.
How solid is your Business Continuity Plan? Do you even have one? Various threats such as hardware and software failures, cyberattacks, human error, and yes, natural disasters can take down your business. According to FEMA, 40% of businesses do not reopen after a natural disaster, and another 25% fail within one year. Are you prepared? We’ve identified 5 basic steps to building a Business Continuity Plan to ensure you are.
British Airways had a major cyberattack in 2018. Will they face GDPR fines in 2018? The investigation into British Airways’ data breach is still ongoing, so it’s too early to say what GDPR fines they may be hit with. However, they could face up to £488 million in penalties under GDPR. How would the Equifax breach in 2017 have fared?
There is no silver bullet that would solve all our problems as it relates to risk management for brand reliance. However, there’s one approach that can help organizations address brand risk, and it is called Integrated Risk Management (IRM).
Our CISO survey uncovered that only 5% of respondents said that their IT security metrics were “very effective.” How do we match CISO responsibilities and goals with metrics that work?
Third Party Risk Management (TPRM) cannot survive and thrive on its own; it takes enterprise-wide effort and support to get it right. Read these 5 stages that will increase your chances for success.
As the scope of risk and compliance continues to grow, more silos have been created than ever before. In the face of this disparate information, traditional approaches to governance, risk and compliance (GRC) evolve into integrated risk management. Learn more about Integrated Risk Management. Gartner Magic Quadrant links.