Since the 2017 travel ban and the intense turmoil over relations in and out of the United States, this article remains relevant to issues of the secure human.
CISO Forum 2016 at the Ritz-Carlton Half Moon Bay
We’ve been having a continuous compliance conversation, but did you know that compliance is a fabric that breaks down over time?
Why Risk Management? Enterprise Risk Management has become a mandated business function involving security of the entire organization. If you are tasked with designing an ERM, you may be wondering, “Is my goal to determine if we are secure or if we can enable a more secure enterprise? Am I expected to engage business partners, to provide meaningful metrics, to inform choices and decisions? Does the organization expect me to account for security responsibilities or am I the provider of a business service?”
Back in 2011, I began a thread on SEO. With all the events of fake news, I've decided to keep the articles in the Security section. They tell an important story about small business, website security, and business in the cloud.
The single most important factor impacting GRC success is the capacity to reduce security and risk management complexity to its fewest and simplest vectors. EnterpriseGRC Solutions and an Elastic Compliance Network can help.
Can you translate your product or industry to the most current regulatory requirements? Can you map your capabilities to the compliance problems you solve? GRC is broken. We can fix it. We tie out your security investment to your security and risk response. With over 150 analyzed products, 5000 systems policies and current models for seven major sectors, you can resolve your most perplexing regulatory challenges in just months.
If you have hundreds of security products and you can't map them to your regulatory requirements, our methodology will make this relatively easy to accomplish. If you have a product and you can't explain its capabilities to the security and compliance market, give us a call. An investment of less than 15K USD will reap guaranteed results.
How old is your Facebook picture? (No, don't tell me, I don't care.) How much of our privacy obsession is related to truth? For example, the weight on your driver's license was absolutely true, twenty-five years ago. Is misrepresenting ourselves part of privacy or an American obsession with creating an illusion of identity?
4Point GRC, introduced in 2004 by Phoenix Business and Systems Process, evolved in 2007 and 2008 under use by Altran Control Solutions and matured further with SOAProjects in 2010.
Factors impacting Governance Risk and Compliance have easily tripled since the term first hit our horizons in 2004.
(These rules were first published in The Perils of Mount Must Read, December 2005, and posted and copyrighted on www.pbandsp.com in 2006.)