Main Blog

The HITRUST CSF contains several attributes that differentiate it from other information security frameworks. Here are three tips on how to handle them! The HITRUST Business Case: Many consider the... Read More
A GRC tool can provide many benefits to your GRC program, as we’ve discussed before. However, before you go chasing shiny objects, you must understand what a GRC program is... Read More
Trying to make sense of the Supreme Court’s recent Van Buren ruling? Below is an easy-to-digest breakdown of the Court’s decision. Brief Overview of Van Buren v. U.S.: On June 3,... Read More
So, you’ve been tasked with providing evidence for an audit. You may be wondering what your auditor is even looking for. Let’s take a look behind the scenes at why... Read More
What is PCI’s perspective on Business Continuity? Here is an overview of Business Continuity as described through the lens of the PCI DSS v3.2.1. Business Continuity is tied to Incident... Read More
Every company must deal with governance, risk, and compliance. Often abbreviated as GRC, this business function is responsible for ensuring that major risks are addressed, required compliance initiatives have been... Read More
I just finished the book "GRIT: The Power of Passion and Perseverance" by Angela Duckworth. Duckworth is a professor at the University of Pennsylvania and has studied Grit in the... Read More
Have you been looking for a sign to reinforce business continuity and resiliency within your organization? Consider this it. This week (5/17 – 5/23) is Business Continuity Awareness Week (BCAW),... Read More
Whether you are pursuing an ISO 27001 certification or a SOC 2 report, a robust asset inventory is going to be key to addressing compliance requirements and help you understand... Read More
A GRC tool can help an organization manage its governance, risk, and compliance program. But why use a GRC tool instead of managing your GRC program manually? GRC tools can... Read More