Let’s Talk GRC & Security!
Here’s where we highlight creative things going on in the GRC and Security communities. We share insightful news and cutting edge theories about the current and future state of technology Security and Governance, Risk, and Compliance and its place at large and small clients across industries. Read about our experiences here. Please feel free to contact us to contribute to the conversation.
The GRC Technology Hiring Gap
I get at least one message a week that goes something like, “Hi Andrew, I came across your profile on LinkedIn and was quite impressed with your background and experience, specifically in RSA Archer. I am looking to fill a few Archer...
read more
Evaluating Cloud Providers
I have a friend who recently started a new business venture. He’s been involved in several other ventures before therefore he’s familiar with the common business processes that are performed when running a business - accounting, scheduling, inventory, production,...
read more
The most overlooked element of successful GRC
Most GRC / IRM material focuses on things that are unique to the world of business and technology risk. This often makes sense since there is so much to consider when working with GRC. Thousands of GRC guides, white-papers, manuals, and blog posts fill professional...
read more
Path to a Successful Upgrade
Completing an Archer upgrade can be a daunting task. With the relatively recent release of Archer version 6.5, as Holly Giammanco mentioned in her post “Archer 6.5 is Here!”, there are multiple good reasons to get your Archer platform on the latest and greatest...
read more
Agile GRC Development Process
As we have blogged about in the past, when we start an Archer engagement with a new client we usually perform a Roadmap exercise that walks them through identifying their current GRC processes and rated on the basis of complexity,...
read more
“But Our Compliance Program Is Different” – Accommodating Variations in Your GRC Software
I have yet to implement a GRC solution without hearing the line “But Our Program is Different”, referring to a department’s need for an exception to how the rest of the organization manages a foundational process or defines a key term (e.g., risk assessments, issue...
read more