Tag Archive: GRC Software

Security and Compliance: Steps to Activate Your Wonder Twin Powers

Written by - January 24, 2018

Security and compliance are the Wonder Twins of information security, needing each other for their powers to activate and protect you from threats.

6 Reasons Why Buying SaaS GRC Software Is a Safe Decision

Written by - July 27, 2017

Cloud versus on-premise GRC software: a CIO’s dilemma? Well, maybe, and maybe not. Cloud-based software solutions, or cloud-based computing, provide the CIO, CISO, CEO, CFO, and director with an agile business process. IDG in its 2014 study shows that 69% of enterprises had applications and infrastructure running in the cloud. Looking at such statistics, you are forgiven for thinking that everyone is moving to the cloud: after all, if something is in the cloud it is better, right? The truth is there are those who are sticking to on-premise software. In as much as this on-premise vs. cloud debate is raging, I would like to be the moderator and say the cloud is winning. Here…

Hidden Cost of Cyberattacks: What Automation Can Do to Save You Money

Written by - June 27, 2017

In 2016, Deloitte published its white paper on the hidden cost of cyberattacks. The firm reported that of the fourteen “impact factors,” some are obvious while others are less so. Cyberattacks are not simply single moments in time. Their life cycles can take months or years to come to an end. The incident response lifecycle starts with the reactive phase of incident triage, which occurs in the days or weeks following an attack’s discovery. This means contacting those impacted and getting the business back online. The second step, impact management, involves finding ways to fix any problems that led to the breach, or to adjust internal processes. Finally, the business recovery phase includes rebuilding or redesigning assets to help rebuild…

10 Probing Questions To Ask Your GRC Vendor

Written by - December 23, 2016

Overview: Managing GRC-related work often seems like an overwhelming task. Fortunately, GRC software has helped many companies like Uber, Fastly, and ThousandEyes streamline the process. When considering the purchase of GRC software, one of the most important factors to consider is how a potential GRC software vendor’s feature set will meet a company’s individualized needs. How can a company establish the appropriate GRC program? What are the most important questions to ask when trying to hire a GRC vendor? Steve Stumpfl, VP of Sales at Tevora, offered insights on how to assess risk and what questions to ask while assessing tools and vendors to improve GRC practice.

Key Learnings: Searching for the right GRC tool means doing research: both…

Better Than Yoda: CIOs, GRC Tools, Principled Performance

Written by - December 22, 2016

“A Jedi uses the Force for knowledge and defense, never for attack.” – Yoda

To be a true GRC Yoda, an organization must enact a principled-performance-based program using knowledge as a defense. However, any good Star Wars fan knows that learning how to use The Force is more important than The Force itself. Yoda, the knowledge-based expert, guided his Padawans in defending the galaxy through knowledge. In the same way, an organization’s CIO can protect a company using the GRC Principled Performance approach. What is Principled Performance? Principled performance is defined as “reliable achievement of objectives while addressing uncertainty and acting with integrity.” This means that for an organization to succeed, it must find ways of consistently evaluating unknowns. These…