Tag: Governance

IRC Blog

Who Should Be On Your Information Risk Council

The Information Risk Council (IRC), also known as the Risk Governance Council or Security Steering Committee, is a key component of an effective security program, especially if aligned with ISO 27001 or SOC 2. This committee helps establish the vision for the organization’s security program, drives the strategy, and sets

GRC Program Blog

Implementing Continuity in Your GRC Program

Every company must deal with governance, risk, and compliance. Often abbreviated as GRC, this business function is responsible for ensuring that major risks are addressed, required compliance initiatives have been investigated, and the organizational structure supports these objectives.

GRC Program Continuity Events

Continuity events are typically thought of as natural


Build a Security Program and Run It Like a Business

I recently finished the book “Traction” by Gino Wickman. Next to Scaling-Up by Verne Harnish, I think it is one of the most actionable business books I’ve ever read. Our team has informally adopted both books as part of the risk3sixty canon. While the book is largely about building a
