Adopting to the ever-changing business landscape is a bit easier when the standards, guidelines, regulations, and controls adapt at scale. Since the first iteration of an Internal Control-Integrated Framework was... Read More
Blog
What to Consider When Planning a Cybersecurity Risk Management Program
It’s well-understood that computers, information technology, and the internet are here to stay. As wonderful as the internet may be, however, it would be irresponsible not to acknowledge that it... Read More
How to Determine Risk Appetite
Risk appetite can vary wildly depending on the organization: At its core, it represents the amount of risk an organization is willing to take to achieve strategic objections. Personal risk... Read More
End of Year 2020: Compliance Certification Roundup
Each month, ZenGRC highlights companies that have earned compliance certifications for information security frameworks. Here’s our January 2020 roundup of recent compliance certification news from around the United States and... Read More
SSAE 18 Requirements
Understanding SSAE 18 requirements means evaluating all the connections between your vendors, just as you would when playing Six Degrees of Kevin Bacon.
Read More