    • Reaching the GRC Summit - Planning, Technology, and Execution
      Michael Rasmussen - GRC 20/20 | Recorded: Jul 24 2018 4:05 pm UTC | 52 mins
    • To ascend a mountain safely takes proper planning and equipment. Yes, you can go solo without equipment, but disaster awaits you. The same is true for GRC implementations: a cavalier approach is likely to lead to failure. To achieve progress and maturity in GRC requires careful planning and execution that is supported by the right technology choices. Like climbing a mountain, this should be done in stages with critical points to review progress and look at the path ahead of us. This keynote session took lessons from mountaineering and applied them to GRC process improvement through the appropriate use of technology.

    • Innovation in GRC 360 Contextual Awareness: Lockpath Keylight Ambassador
      Michael Rasmussen - GRC 20/20, Sam Abadir - Lockpath | Recorded: Mar 20 2018 12:45 pm UTC | 28 mins
    • Join the GRC Pundit, Michael Rasmussen and Lockpath’s Sam Abadir for a 60-minute webinar as we review the capabilities of the Lockpath Keylight Ambassador, winner of the 2015 GRC 2020 Award for Technology Innovation in Enterprise GRC Integration.

      Organizations need to move beyond the concept of a GRC platform and focus on an integrated view of GRC data and systems through a GRC architecture that is a cohesive part of the broader business fabric of the organization. This is what GRC 20/20 refers to as 360° GRC contextual awareness, where risk and compliance are monitored and understood in the course of business operations, changing risks and regulations, and interactions. Delivery of GRC contextual awareness requires that GRC be a central nervous system to capture signals found in processes, data, and transactions as well as changing risks and regulations for interpretation, analysis, and holistic awareness of risk in the context of business. Lockpath Keylight Ambassador is a GRC solution that offers a hybrid agent architecture that enables organizations to collect distributed GRC related data from applications installed across the organization and in the cloud. Keylight’s Ambassador innovation and advancement of GRC technology is its ability to securely and automatically transmit on premise data to the cloud from business systems and information security tools.

    • Mobile Assessments for Your GRC Program: Anytime, Anywhere
      Mason Karrer, GRC Strategist, RSA | Recorded: Mar 27 2014 3:00 pm UTC | 58 mins
    • Today’s workforce embraces the idea that with mobile technology, we can work anywhere. Risk and compliance professionals are challenged to complete assessments that require location or site-specific information. Physical security, facility site and self-assessments require them to collect data and evidence while they are away from their desks, and organizations are turning to mobile to help them accomplish these tasks more efficiently.

      During this webcast, you will learn how to develop and implement a mobile strategy for your GRC assessments to more efficiently capture risk and compliance assessment information on-site. By transforming time-consuming operational chores into efficient, value-added processes, you can significantly reduce potential data entry errors and delays in sharing this critical risk data.

      Join us to learn more about:
      • Considerations for determining what GRC use cases are best suited for the mobile environment
      • How customers are utilizing RSA Archer GRC Mobile
      • Using RSA Archer GRC Mobile to conduct audit, risk and compliance assessments via a product demonstration

    • Turn Risk into Opportunity with a Risk Intelligence Approach to GRC
      Steve Schlarman, GRC and Security Strategist, RSA | Recorded: Jun 17 2014 3:00 pm UTC | 60 mins
    • Today’s business environment is fraught with risk. Economic, technology and market conditions affect organizations on a daily basis. However, this constantly changing risk landscape – globalization, expanding digital infrastructures, supply chains, regulatory changes – also represents an opportunity. An opportunity for growth and innovation that can take an organization to the next level.

      We are moving to a world where risk management will become the primary source of competitive advantage. Rather than avoiding risk, organizations need the ability to embrace it. Risk management will become the core capability from which organizations who do it effectively will prosper, while those that don’t will fail.

      Join this webcast to learn the benefits of a Risk Intelligence approach, including:
      • Better, more predictable decision-making
      • Greater business opportunity
      • Better business performance

    • How to integrate Business Risk and IT Risk
      Alex Hollis, GRC Practice Director, SureCloud | Recorded: Nov 27 2018 4:00 pm UTC | 49 mins
    • ****PLEASE NOTE THIS IS A RESCHEDULE OF THE WEBINAR ORIGINALLY SET FOR 14TH NOV.****

      Many governance, risk, and compliance (GRC) projects fail because they’re deployed to support a specific compliance need or to meet the requirements of a specific department. In this webinar, SureCloud’s GRC Practice Director will discuss taking an integrated Risk Management approach, connecting Business Risk and IT Risk.

      The session will cover:

      • The challenges Integrated Risk Management (IRM) causes
      • Outlining how operational and IT Risk must work together
      • An approach for creating a model within your own business with the right GRC technology
      • The benefits of integration for internal communication and the relationships within your business

    • [Earn 1 CPE] Post-GDPR: Key Steps to GRC Integration
      Moderator: Colin Whitaker. Panel: Sooji Seo, RSA; Quin Rodriguez, Riskonnect; Gabriel Gumbs, STEALTHbits; Tim Hill, Centrify | Recorded: Jul 26 2018 5:00 pm UTC | 76 mins
    • Data protection laws such as the General Data Protection Regulation (GDPR) are complex, and can impact a broad range of business roles, including legal, audit, HR and finance, not just IT. In achieving GDPR compliance, organizations should focus on getting these roles to work together in ongoing efforts to ensure governance, risk and compliance (GRC) across an organization, and not be distracted by the noise in the marketplace. Through the process of integrating GRC practices, real value can be achieved, as long as all stakeholders work with one another and take practical, measured steps toward integration. Join our panel of experts on this CPE accredited webinar to learn how your organization can achieve this.

      Learning Objectives

      - Find out how to align risk management with enterprise performance management under the GDPR.
      - Learn how to work with stakeholders to effectively integrate compliance activities, and gain transparency, efficiency and agility for process operations.
      - Discover how to identify and manage the digital risks that matter, and which risk functions need to transform.

    • Third Party Risk: Gaining certainty amid a web of global relationships
      Michael Rasmussen, GRC Analyst at GRC 20/20 and SureCloud's COO, Nick Rafferty | Recorded: Apr 6 2017 2:00 pm UTC | 56 mins
    • In today’s interconnected world, organizations struggle to adequately govern risk in third party business relationships. Over half of the organization’s insiders are no longer traditional employees. Insiders now include suppliers, vendors, outsourcers, service providers, contractors, subcontractors, consultants, temporary workers, agents, brokers, dealers, intermediaries, and more. Third party problems are the organization’s problems that directly impact brand, reputation, compliance, strategy, and risk to the organization.

      Join Michael Rasmussen, The GRC Pundit of GRC 20/20, and Nick Rafferty, SureCloud COO, to get an expert view of the challenges companies face and how to gain certainty amid an uncertain web of complex, global relationships.

      In this webinar you will learn:

      • Why fragmented approaches to third party governance are doomed to fail
      • How inadequate resources can’t keep up with growing risk and regulations
      • How document, spreadsheet and email-centric approaches lack current-state analyses and audit trails
      • Amid a challenging environment, what to do today by defining a strategy and adopting a single-version-of-the-truth software solution
      • How SureCloud's unique GRC Platform and its Third Party Risk Manager Application can strengthen your assessment process

      Agenda includes plenty of time to address your questions.

    • GRC in Colour with Performance Analytics
      Toby Isaacson | Recorded: Jul 5 2018 2:00 pm UTC | 30 mins
    • How do you prove you are compliant every month in a constantly shifting technology and regulatory environment?

      The combination of ServiceNow's GRC and Performance Analytics enables the automation, simplification, and remediation of complex controls, giving you short order visibility of your compliance.

      Toby will focus on how TESM achieved exactly that, with further augmentation, using operational dashboards, resulting in actionable insights to help prevent potential breaches - before they happen.

      Toby will demonstrate how to achieve:
      1. Reduced risk exposure, because you acted in 3, rather than 30, days
      2. Transparent empowerment for proactive compliance
      3. The ability for the CIO to identify problem areas in seconds, knowing what needs focus right now

      The outcome is a stress-free compliance management experience.

    • GRC & IT Security Series: The Risk Management Framework for Today's GRC Concerns
      Paul Schoeny, VP Cybersecurity, BAP | Recorded: Nov 28 2018 7:00 pm UTC | 27 mins
    • Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable. What is the NIST Risk Management Framework (RMF)? Simply put: the RMF provides steps/activities to manage your organization's risk and to develop an effective information security program applied to legacy and new systems. Join BAP as we break down the six steps identified in the RMF and:
      - Understand what your cyber policy is
      - Break down the six steps found within RMF
      - Establish a baseline of control policies
      - Gain tips for accelerating your control and policy management needs
      - Automate Continuous Monitoring
      - Understand how continuous monitoring of NIST and RMF control health can eradicate failing health scores.

    • How to Buy a GRC Platform
      Adam Billings - Principal Consultant, Lockpath | Recorded: Feb 22 2018 5:00 pm UTC | 57 mins
    • Buying a GRC platform isn’t so much about sizing up the options as it is about analyzing your company’s needs. After that, it’s about knowing which questions to ask vendors and how to evaluate their offerings while keeping business processes front and center. In this webinar, we’ll share how to self-assess needs and benchmark your GRC maturity. Throughout the hour, we’ll offer buyer’s tips and empower you to buy the GRC platform that’s right for your company.

      In this webinar, you will discover:

      • How to assess your organization and determine what type of platform is right for you
      • What questions to ask when evaluating GRC vendors
      • Tips for building a business case for a GRC platform and estimating potential ROI

      In our increasingly competitive and digital world, organizations need to evolve to be more competitive. For many, an untapped resource is GRC and its role in increasing efficiency and organizational resiliency. Explore what’s possible in this educational webinar.

    • Innovation in User Experience: Keylight Bulk Operations
      Michael Rasmussen - GRC 20/20, Sam Abadir - Lockpath | Recorded: Mar 27 2018 12:55 pm UTC | 38 mins
    • Join the GRC Pundit, Michael Rasmussen and Lockpath’s Sam Abadir for a 60-minute webinar as we review the capabilities of Lockpath’s Bulk Operations solution, winner of the 2015 GRC 20/20 Award for Innovation in User Experience for IT GRC.

      Information security operations often are encumbered by processes that take extensive time to modify and update. When mass changes need to take place, it is time consuming to go into each record and modify and manipulate data. For example, when vulnerability scanners report finding assets that are about to be decommissioned, action items in remediation will be a waste of time. Another example is when a business division splits or is dissolved and IT assets and security records need to be reassigned to one division or another. Lockpath’s Bulk Operations is an innovative solution that makes it easy and intuitive for organizations to manage bulk changes to IT GRC data. Lockpath clients can now easily identify data that needs some sort of change, whether it’s a change in the value of a single or multiple fields, the addition of new fields, the removal/deletion of existing fields, or shifting workflow and tasks. This saves organizations hours of work: because the feature is built into the ad hoc reporting engine, organizations can easily and quickly filter the data sets they want to edit.

    • GRC & IT Security Series: Financial & Banking Service Regulations: SEC, PII, PCI
      Jeffrey Lush, CEO and Co-founder, BAP; Paul Schoeny, VP Cybersecurity, BAP | Recorded: Dec 12 2018 7:00 pm UTC | 29 mins
    • Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable. Often understanding the interpretation of SEC Cybersecurity Guidance, PII and PCI can be difficult and is often more of an art than a science. The objective of every organization is to provide cybersecurity protection and compliance with the standards established within these regulations. Join us to discover the steps you need to develop your cyber strategy and:

      - Understand the SEC, PII and PCI regulations
      - Focus on the security objectives all regulations are hoping to achieve
      - Learn how to leverage your existing cyber investment, augment the tools you already have for real-time threat detection
      - Understand how continuous monitoring of Policy control health can eradicate failing scores.
      - Automate cyber standards, policy, and compliance
      - Learn how to build and discover your cyber standard needs
      - Analyze and validate the implementation of those standards

    • GRC & IT Security Series: Healthcare Compliance & Security: Understanding HIPAA
      Paul Schoeny, VP Cybersecurity, BAP | Upcoming: Jan 9 2019 7:00 pm UTC | 30 mins
    • Join the GRC & IT Webinar Series for byte-sized sessions aimed at making federal regulations understandable and actionable. HIPAA compliance remains critical for all healthcare organizations to combat security breaches. It is no surprise that the Healthcare industry remains one of the top targets for cyber-attacks. To avoid hefty fines and to gain the eagle eye view of the overall health of the organizations, GRC, IT Security and Compliance teams are quickly developing strategies to mitigate security breaches and achieve compliance to HIPAA. Join this bite-sized webinar to learn how organizations are tackling HIPAA.
      - Understand the policies and controls set forth in HIPAA
      - Understand how traditional compliance methods invite risk
      - Understand how continuous monitoring of HIPAA control health can eradicate failing health scores.
      - Discuss the innovations happening to drive automation of security breach policy and policy health oversight
      - See checks and balances to confirm implementation and policy health.

    • Mature Compliance: Increase GRC User Adoption
      Deborah Cheek - CRFS, Sam Abadir - Lockpath | Recorded: Mar 14 2018 7:10 pm UTC | 39 mins
    • Prior to the implementation of the Keylight Platform, Claims Recovery Financial Services’s (CRFS) policies and procedures were scattered throughout the organization’s networks. With a vast number of compliance requirements and multiple client audits each year, the company’s existing policy and compliance management process was inefficient and costly.

      In this 60-minute webinar, Deborah Cheek, CISO at CRFS, will discuss with Sam Abadir how implementing the Lockpath Keylight Platform transformed CRFS’ policy management and compliance program, streamlined its internal policy management process, increased user adoption of its GRC program, and ultimately helped the company gain a competitive advantage.
