Struggling with where to begin with your Information Security Program? Learn how taking a risk-centric approach can help accomplish your goals.
Learn the 8 fundamentals we recommend to establish an effective Enterprise Risk Management process from the ground up, which will set the stage for a successful GRC program rollout.
ISO 27001 has become the most requested framework to use within SimpleRisk. In this blog post you will learn about the different ways you can use its controls with our platform.
How can a relatively new vendor enter a mature market that has a multitude of established players and, with no outside funding, differentiate itself from the competition to make a global impact? Read on to learn how SimpleRisk is doing just that.
Struggling with managing compliance across multiple different control frameworks? Learn how a common control framework can help you to simplify your compliance, saving you time and money.
Let’s go back to the basics and break down what enterprise compliance is and how you can use it to ensure your organization is conforming with its stated requirements.
Today I attended a CISO roundtable where a number of the attendees talked about their GRC platforms that have taken over a year to "connect all the wires" and they're still in the process of implementing. I know why their GRCs are failing them and there is a better way.
Curious about SimpleRisk’s product offerings and available functionality? Read on to learn about our flexible deployment models – from free and open source to fully-featured GRC platform!
Explore your options for managing personnel changes in SimpleRisk.
SimpleRisk partners with various MSSP providers to give customers a one-stop "GRC-as-a-Service" offering. Learn more about how this works and whether the SimpleRisk GRCaaS platform may be a good fit for your organization.
What is the right way to do risk management? We hear this question fairly frequently on calls with prospects and my answer is always the same. There is no "right way" or "wrong way" to do risk management. There's only your way...
Learn how to use SimpleRisk's Import-Export and Risk Assessment Extras in order to efficiently use the NIST Cybersecurity Framework's controls to assess your organization's risks and perform a control gap analysis.
At the end of June 2020, a civil rights coalition, which includes the Anti-Defamation League (ADL) and the NAACP, launched the #StopHateforProfit campaign. This campaign calls upon major corporations to put a pause on Facebook advertisements, citing the company's...
As the Information Security Program Owner at National Instruments, a $1.4B global enterprise, I've spent the past ...
On March 29, 2019, Alex Polimeni and I presented at the BSides Austin conference on some of the work we've ...
Recently, a friend sent me a blog post by John A. Wheeler of Gartner entitled "What Ever Happened to GRC?". In ...
Every comic book superhero has a story behind them describing how they overcame some form of adversity in ...