If you were a bank robber, you would target the largest bank around in order to secure the biggest prize possible in exchange for the risk associated with committing the crime, right? The same is true for cyber criminals. They specifically target organizations within...
Wouldn’t it be great if there were an “easy” button for developing your organization’s governance, risk, and compliance departments? There are several aspects to consider when building out each sector, such as, what kind of control assessments should we have and how...
In the ever evolving world of cyber security, one component remains both dynamic and widespread, risk itself. The flu virus, much like risk itself, is ever mutating and adapting to new environments and we as human beings are consistently trying to defend ourselves...
The winds of change blow at gale force speeds when we talk about the IT industry and the need for information security that is becoming accepted as essential to doing business; recent high profile cases of large scale corporate hacks have shown how essential it is to...
Governance, Risk and Compliance (GRC) is an all-encompassing term that can cover an array of areas from business continuity through vendor management. Given the range of meaning, it’s important to understand what it means to you and your organization before selecting...
GRC is neither a project nor a technology, but a corporate objective for improving governance through more-effective compliance and a better understanding of the impact of risk on business performance. GRC can vary dramatically depending on the businesses vertical...