Article
Audit Checklist for SOC 2
If your company is a service organization and your customers trust you with their data, you may need to pass a SOC 2 (System and Organization Controls 2) audit.
Compliance and certificati ...
February 19, 2024
Article
COBIT 2019 Audit Checklist
The alphabet soup of cybersecurity includes standards and regulations such as ISO, COBIT, COSO, NIST, NY DFS, and GDPR. While some industries must meet regulatory compliance requirements, ot ...
January 23, 2024
Article
What is the CISO’s Role in Risk Management?
The chief information security officer (CISO) is a relatively new type of C-level executive. As cyber threats have grown in recent years, to the point that poor cybersecurity can jeopardize ...
April 5, 2023
Article
Protecting Your Corporate Website as an Enterprise Risk Management Strategy
Organizations often view their websites as simple business cards that give customers information. Protecting your corporate website as an enterprise risk management strategy can keep your da ...
September 30, 2022
Article
What is Vendor Risk Management (VRM)? The Definitive Guide
Vendor risk management (VRM), a part of vendor management, identifies, analyzes, monitors, and mitigates the risks that third-party vendors might pose to your organization. Such risks could ...
September 22, 2022
Article
IRM, ERM, and GRC: Is There a Difference?
The various niches of risk management have become a veritable alphabet soup of acronyms. The advent of the digital age is partly to blame.
Virtually every organization is "going digital" ...
August 24, 2022
Article
5 Steps to Implement Enterprise Risk Management (ERM)
Enterprise risk management (ERM) is critical for success in the modern business landscape. Your ERM program should encompass all aspects of risk management and response in all business proce ...
August 18, 2022
Article
5 Benefits of GRC for CISOs
Chief information security officers (CISOs) wear many hats within their organizations - and those hats just seem to keep piling on. For example, "organizational risk leader" is one of three ...
April 4, 2022