-
Cybersecurity Controls Repository Framework
Introduction One of the most misunderstood concepts amongst Cybersecurity GRC teams, is the reach and benefits of a “Common Control Framework” or CCM. More often than not, the CCM is seen as the holy grail for ‘testing once, complying with many’. While there is some truth to this, realizing the value of CCM is more…
-
Control libraries: spreadsheets vs GRC specialized tools
In a recent LinkedIn poll, I asked for the main use cases that lead to the implementation of a specialized GRC tool, the two most voted use cases were the creation of a “Risk Register” and a “Controls Library” (see image below). The latter, came in with a comment around the progression from a spreadsheet-based…
-
Welcome to Cybersecurity GRC
The beginning of a new journey, this space is designed to create a community of Cybersecurity Governance, Risk and Compliance (GRC) practitioners that want to connect with others in the profession, bounce ideas with each other, share new concepts or simply learn about this industry. Everybody is welcome to contribute by sharing, respectfully & courteously,…
Cybersecurity Governance, Risk and Compliance 