Tag: it grc
Are Your Risk Assessments Reliable?
How confident is your chief risk officer in their risk assessment? Are they 100% confident? 90% or 80%? CROs need to understand the margin of error.
Cybersecurity Isn't an IT Risk, It's a Business Risk
Cybersecurity risk assessment should be an integral part of the organization’s enterprise risk management program and decision-making, not a siloed operation.
The Greatest Risk and the Greatest Asset: People
Internal audit needs to be alert to poor performers, at any level. They also need to be alert to the failure to recognize and reward high performers.
AI Governance Is a Challenge That Can't Be Ignored
As business finds increasing uses for AI, developing a model for governance of the data will be critical to staying on the right side of regulation.
SaaS Is in Style: Here’s How to Collaborate With Confidence
While industry data clearly demonstrates the preference for, and value of, SaaS applications, I believe we’ve only scratched the surface of what’s possible.
Get Your Information Governance Act Together in 2022
Which would you rather be when new information challenges arise: proactive or reactive?
Key Security Challenges for Smart Offices and Their Solutions
The rapid development and deployment of workplace technologies, coupled with the adoption of new ways of working, comes with added risks.
Here's Where to Start With Your Information Security Program
How do you prioritize data protection at a time of evaporating perimeters, widespread data access, and the misguided idea that “more is better” with data?
How Effective Process Management Can Reduce Business Risk
There is a close link between business processes and risk levels. Learn how to manage the former to reduce the latter.
What Is Wrong With a Typical Risk Register?
How can the risk register be improved?
Why You Need a Plan for Content Security in Microsoft 365
Microsoft 365 has a ton of great applications, all with their own security implications.
Don’t Be Afraid of the Dark: Bring Dark Data Into the Light
Finding and managing the dark data you don’t know about is a big project, but is worth the effort.
A Simple Risk-Driven Decision Technique
A process I learned in my youth
Collaboration & Productivity
Striking the Security and Enterprise Collaboration Balancing Act
Organizations need solutions, processes and cultures that foster an ongoing dedication to information security without getting in the way of productivity.
Even the Best Laid Plans Forget This Security Gap
The risks and potential liability of ineffective data destruction at end of life are too high for organizations to risk.
The Risks and Consequences of Information Mismanagement
In so many cases, information mismanagement isn't a failure of technology so much as a failure of management to understand and take the necessary action.
Securing Sensitive Information in the Cloud Comes Down to Access Management
When it comes to data security, most organizations worry about external actors, when what they really should worry about is the threat from within.
Why Taking on More Strategic Risk Can Be Fuel for Growth
Risk doesn't have to be scary or negative. Instead you should view it as fuel for growth.
How Do You Make Decisions?
How can we, the "risk" managers, help leaders make informed and intelligent decisions that consider all the things that might happen?
How Will Risk Management Change as We Emerge From This Crisis?
Even before the crisis, few in executive management believed their risk management programs were helping them run the organization for success.