Let’s Talk GRC & Security!
Here’s where we highlight creative things going on in the GRC and Security communities. We share insightful news and cutting edge theories about the current and future state of technology Security and Governance, Risk, and Compliance and its place at large and small clients across industries. Read about our experiences here. Please feel free to contact us to contribute to the conversation.
Agile GRC Development Process
As we have blogged about in the past, when we start an Archer engagement with a new client we usually perform a Roadmap exercise that walks them through identifying their current GRC processes and rated on the basis of complexity,...
“But Our Compliance Program Is Different” – Accommodating Variations in Your GRC Software
I have yet to implement a GRC solution without hearing the line “But Our Program is Different”, referring to a department’s need for an exception to how the rest of the organization manages a foundational process or defines a key term (e.g., risk assessments, issue...
Archer 6.5 is Here!
RSA Archer recently released the next iteration of Archer - version 6.5 - and it has some exciting new updates. Here is a rundown of the new and exciting features that are available in RSA Archer Release 6.5: Elasticsearch - a licensed solution to allow searching on...
Cential Expands GRC Resources
Cential recently teamed up with Adam Froemming who brings to the team years of experience in the design, management and governance of GRC systems. We've asked Adam to give us a overview of how he's gotten to this point in his career. From humble beginnings... My...
GRC Implementation Discovery
Continuing the discussion on GRC implementations, it would be worth exploring the discovery phase of the project that’s critical to defining the scope of the GRC program. Without understanding where your risk and compliance activities are happening there...
The Story of GRC vs. IRM
"What do you think the difference is between GRC and IRM?" That's a question we seem to hear over and over, and with good reason. I just heard that question again this week, and if you ask the internet, the answer you'll get is underwhelming and will likely keep you...