Let’s Talk GRC & Security!
Here’s where we highlight creative things going on in the GRC and Security communities. We share insightful news and cutting edge theories about the current and future state of technology Security and Governance, Risk, and Compliance and its place at large and small clients across industries. Read about our experiences here. Please feel free to contact us to contribute to the conversation.
Chief Compliance Officers and GRC: Reasonable Assurance for Chief Compliance Officers
Often, the term “Reasonable Assurance” is used in reference to financial statement audits and is referring to assurance that they are free of material misstatement. Although this situation doesn’t really apply to the CCO’s role in oversight of compliance programs,...
read moreThe Importance of Addressing Issues Quickly
There is a great article in the September 2018 issue of WIRED magazine titled The Code That Crashed The World. Authored by senior writer Andy Greenberg, it is "the untold story of the most devastating cyberattack in history". The article is an in-depth examination of...
read more
Cential and Cadre Information Security Partnership
CADRE INFORMATION SECURITY AND CENTIAL ANNOUNCE PARTNERSHIP TO HELP CUSTOMERS DEVELOP RISK MANAGEMENT PROGRAMS CINCINNATI, OH – August 20, 2018 -- Cadre Information Security, a leading provider of information security solutions, has announced a partnership with...
read more
Notes from the RSA Archer Summit Day 2
Today has been a deluge of product news for RSA Archer. More features are being released in the next 6 months than in multiple years prior. Some of the interesting things are being released in the coming months include: Archer version 6.5 will be released in October....
read more
Setting the Vision for GRC Implementations
In my last blog on the subject of “The Importance of Governance in the GRC Implementation”, I briefly touched on the importance defining a Vision, or rather, setting standards for a GRC implementation. I felt I needed to dive into these a little more...
read more
Risk Management 1 vs Risk Management 2
I recently came across a YouTube video post on risk management that piqued my interest. I don't usually scour social media for risk management posts, but this one claimed to be a controversial stance, as emphasized Risk Management 1 and Risk Management 2 as competing...
read more