Check out this guest blog from Michael Rasmussen of GRC 20/20 to learn about six core elements required to craft compliance programs that meet current standards and are adaptable and scalable to meet future compliance challenges and opportunities.

The Security and Exchange Commission (SEC) released its final rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, effective mid-December 2023. Check out this blog to learn what this ruling entails, how this new regulation may impact your organization, and what your organization needs to do ensure compliance.

This guest blog by Michael Rasmussen of GRC 20/20 outlines how to define a process for regulatory change management and leverage the right technology to ensure your organization stays compliant.

We are frequently asked about using the CIS Critical Security Controls in SimpleRisk.  In this blog post you will learn about the different ways you can use their controls with our platform.

Struggling with managing compliance across multiple different control frameworks?  Learn how a common control framework can help you to simplify your compliance, saving you time and money.

Let’s go back to the basics and break down what enterprise compliance is and how you can use it to ensure your organization is conforming with its stated requirements.

Today I attended a CISO roundtable where a number of the attendees talked about their GRC platforms that have taken over a year to "connect all the wires" and they're still in the process of implementing. I know why their GRCs are failing them and there is a better way.

SimpleRisk partners with various MSSP providers to give customers a one-stop "GRC-as-a-Service" offering.  Learn more about how this works and whether the SimpleRisk GRCaaS platform may be a good fit for your organization.

What is the right way to do risk management?  We hear this question fairly frequently on calls with prospects and my answer is always the same.  There is no "right way" or "wrong way" to do risk management.  There's only your way...

Learn how to use SimpleRisk's Import-Export and Risk Assessment Extras in order to efficiently use the NIST Cybersecurity Framework's controls to assess your organization's risks and perform a control gap analysis.

At the end of June 2020, a civil rights coalition, which includes the Anti-Defamation League (ADL) and the NAACP, launched the #StopHateforProfit campaign.  This campaign calls upon major corporations to put a pause on Facebook advertisements, citing the company's...

As the Information Security Program Owner at National Instruments, a $1.4B global enterprise, I've spent the past ...

Before starting SimpleRisk, I sat in the CISO chair, on the other side of the negotiating table.  I learned the tricks ...

Every comic book superhero has a story behind them describing how they overcame some form of adversity in ...