Risk Management

Featured Post

Project Management Lessons Learned From Risk Management

While risk management can be draining, it offers crucial lessons that enable managers to implement projects efficiently. If you undertake a thorough risk analysis before any project, you'll identify all the gaps and create mitigation strategies. This way, you'll save time and resources.

Best Practices for Reducing Web Services and API Risks in M&A

Just as most software assets contain open source, modern software applications commonly link to external web services via APIs. But developers using web services might not have a suitable agreement to do so, and they may be inadvertently signing their companies up to terms of service. This white paper covers the types of risk associated with web services and how they can affect an M&A transaction.

tripwire

Understanding Cybersecurity Supply Chain Risk Management (C-SCRM)

Cybersecurity Supply Chain Risk Management (C-SCRM) deals with more than protecting an organization from cyber-attacks on third parties. It also addresses third parties to those third parties (known as “fourth parties”). Further still, a vendor to your vendor’s vendor is a fifth party, then a sixth party, etc. Your SCRM should involve knowledge of how far-reaching, complex and even convoluted your supply chain is. Then measure this complexity against your risk appetite.

reciprocity

Improve Workflow Collaboration with Slack Integration for ZenGRC

Not long ago, we’d say “slack” to describe not working, as in “slacking on the job.” With the advent of the Slack app, though, the term has become synonymous with productivity. And Slack’s ability to work in tandem with hundreds of applications makes this popular team communication and collaboration tool even more useful.

Overcoming the 6 Most Common Threat Modeling Misconceptions

Threat modeling promotes the idea of thinking like an attacker. It enables organizations to build software with security considerations, rather than addressing security as an afterthought. However, there are some very common misconceptions that can cause firms to lose their grip on the threat modeling process. This eBook shines a light on the essentials and helps you get your bearings with all things related to threat modeling.

Featured Post

Data Protection Vs. Cyber Security: Why You Need Both

In recent years, both large and small organizations have been affected by data breaches. Business owners, C-suite executives, and CIOs face the reality that they can be a target of security breaches at any time. These incidents can jeopardize your organization's credibility, in addition to causing financial and productivity losses.

reciprocity

ISO 27001 Firewall Security Audit Checklist

Because of additional regulations and standards pertaining to information security, including Payment Card Industry Data Security Standard (PCI-DSS), the General Data Protection Regulation (GDPR), Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and ISO 27001, organizations are putting more emphasis on compliance as well as the auditing of their cybersecurity policies and cybersecurity controls.

servicenow

ServiceNow named a Leader in the 2020 Magic Quadrant for IT Vendor Risk Management Tools

It’s an honor to be named a Leader in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools (ITVRM)! ServiceNow Vendor Risk Management delivers a fast, smart, and connected way to manage third-party risk and build supplier resilience. This recognition as a Leader in the 2020 ITVRM Magic Quadrant comes shortly after Gartner also named ServiceNow as a Leader in the 2020 Magic Quadrant for IT Risk Management and in the 2019 Magic Quadrant for Integrated Risk Management Solutions.

appian

Recalibrating Enterprise Risk Management in Response to Crisis

COVID-19 and its impact have demonstrated that change can be rapid, disruptive, and non-negotiable. This is especially relevant to enterprise risk management, where the challenge can be summed up in one word: recalibration. Many financial institutions have been investing in model-driven analysis and data-anchored approaches. We know that the models themselves must adapt as situations change. But what about the processes and policy governance that surround these models?