Article

Audit Checklist for SOC 2

If your company is a service organization and your customers trust you with their data, you may need to pass a SOC 2 (System and Organization Controls 2) audit. Compliance and certificati ...
February 19, 2024
Article

COBIT 2019 Audit Checklist

The alphabet soup of cybersecurity includes standards and regulations such as ISO, COBIT, COSO, NIST, NY DFS, and GDPR. While some industries must meet regulatory compliance requirements, ot ...
January 23, 2024
Article

What is the CISO’s Role in Risk Management?

The chief information security officer (CISO) is a relatively new type of C-level executive. As cyber threats have grown in recent years, to the point that poor cybersecurity can jeopardize ...
April 5, 2023
Article

Protecting Your Corporate Website as an Enterprise Risk Management Strategy

Organizations often view their websites as simple business cards that give customers information. Protecting your corporate website as an enterprise risk management strategy can keep your da ...
September 30, 2022
Article

What is Vendor Risk Management (VRM)? The Definitive Guide

Vendor risk management (VRM), a part of vendor management, identifies, analyzes, monitors, and mitigates the risks that third-party vendors might pose to your organization. Such risks could ...
September 22, 2022
Article

IRM, ERM, and GRC: Is There a Difference?

The various niches of risk management have become a veritable alphabet soup of acronyms. The advent of the digital age is partly to blame. Virtually every organization is "going digital" ...
August 24, 2022
Article

5 Steps to Implement Enterprise Risk Management (ERM)

Enterprise risk management (ERM) is critical for success in the modern business landscape. Your ERM program should encompass all aspects of risk management and response in all business proce ...
August 18, 2022
Article

5 Benefits of GRC for CISOs

Chief information security officers (CISOs) wear many hats within their organizations - and those hats just seem to keep piling on. For example, "organizational risk leader" is one of three ...
April 4, 2022