by Bryan Johnson | Jun 28, 2019 | Chief Compliance Officers
Two Lessons from the 2019 Rocky Mountain Information Security Conference (RMISC)
Each year I embark on a journey with what seems like every other security professional in the Denver area, to the only Security conference that seems worthwhile to attend: The Rocky...
by Bryan Johnson | Apr 12, 2019 | Risk Management, SOC Reports
Evaluating Cloud Providers
I have a friend who recently started a new business venture. He’s been involved in several other ventures before; therefore, he’s familiar with the common business processes that are performed when running a business – accounting, scheduling,...
by Bryan Johnson | Feb 13, 2019 | GRC Implementation, RSA Archer
Agile GRC Development Process
As we have blogged about in the past, when we start an Archer engagement with a new client we usually perform a Roadmap exercise that walks them through identifying their current GRC processes and rated on the basis of complexity,...
by Bryan Johnson | Oct 12, 2018 | Chief Compliance Officers
Continuing the discussion on GRC implementations, it would be worth exploring the discovery phase of the project that’s critical to defining the scope of the GRC program. Without understanding where your risk and compliance activities are happening there is a risk...
by Bryan Johnson | Aug 8, 2018 | Chief Compliance Officers
In my last blog on the subject of “The Importance of Governance in the GRC Implementation”, I briefly touched on the importance of defining a Vision, or rather, setting standards for a GRC implementation. I felt I needed to dive into these a little more because having...