Article
10 Probing Questions To Ask Your GRC Vendor
Overview:
Managing GRC-related work often seems like an overwhelming task. Fortunately, GRC software has helped many companies like Uber, Fastly, and ThousandEyes streamline the process. ...
December 23, 2016
Article
Better Than Yoda: CIOs, GRC Tools, Principled Performance
A Jedi uses the Force for knowledge and defense, never for attack. – Yoda
To be a true GRC Yoda, an organization must enact a principled performance-based program using knowledge as a d ...
December 22, 2016
Article
ILOVEYOU Not H1N1: InfoSec as Business Continuity
Information security and business continuity increasingly commingle. Traditionally, business continuity planning focused on natural occurrences such as hurricanes, H1N1, and freak ice storms. H ...
December 14, 2016
Article
Clear It Up For Me: Clarity Project’s 2017 SSAE-18 Change
In April 2016, the AICPA’s Auditing Standard Board (ASB) released a clarified attestation standard for SSAE-18. Although this is a standard guiding the manner through which auditors must r ...
December 14, 2016
Article
SOC 2 Reporting: Everything You Need To Know
Meeting the standards of a Service Organization Control Level 2 audit (more commonly known as achieving SOC 2 compliance) demonstrates your organization’s commitment to data security and t ...
December 13, 2016
Article
Ch-ch-ch-changes: The 2015 ISO 9001 Updates and Your Business
Despite the release date in 2015, many CISOs are still trying to figure out where the puzzle pieces of the updated ISO 9001 standard fit in their compliance program. With the Internation ...
December 8, 2016
Article
In Search Of: ISO Framework and What You Need To Know About ISO 27001
The ISO Framework is one of the basics of information security and its controls. While many managers focus on computers and their controls, risk management principles in ISO 27001 are changi ...
December 6, 2016