Let’s Talk GRC & Security!
Here’s where we highlight creative things going on in the GRC and Security communities. We share insightful news and cutting edge theories about the current and future state of technology Security and Governance, Risk, and Compliance and its place at large and small clients across industries. Read about our experiences here. Please feel free to contact us to contribute to the conversation.
As we have blogged about in the past, when we start an Archer engagement with a new client we usually perform a Roadmap exercise that walks them through identifying their current GRC processes and rated on the basis of complexity,...read more
I have yet to implement a GRC solution without hearing the line “But Our Program is Different”, referring to a department’s need for an exception to how the rest of the organization manages a foundational process or defines a key term (e.g., risk assessments, issue...read more
RSA Archer recently released the next iteration of Archer - version 6.5 - and it has some exciting new updates. Here is a rundown of the new and exciting features that are available in RSA Archer Release 6.5: Elasticsearch - a licensed solution to allow searching on...read more
Cential recently teamed up with Adam Froemming who brings to the team years of experience in the design, management and governance of GRC systems. We've asked Adam to give us a overview of how he's gotten to this point in his career. From humble beginnings... My...read more
Continuing the discussion on GRC implementations, it would be worth exploring the discovery phase of the project that’s critical to defining the scope of the GRC program. Without understanding where your risk and compliance activities are happening there...read more
"What do you think the difference is between GRC and IRM?" That's a question we seem to hear over and over, and with good reason. I just heard that question again this week, and if you ask the internet, the answer you'll get is underwhelming and will likely keep you...read more