Posted inNewsletter
Newsletter Issue #1: COSO for GenAI, SWIFT CSCF, FS AI Risk Framework, 2 Years of NIST CSF 2.0
COSO for GenAI, SWIFT CSCF, FS AI Risk Framework, 2 Years of NIST CSF 2.0
Posted inRisk Management
How to make a Cyber Risk Assessor using ChatGPT Projects
I recently made an AI bot at my company that does an initial risk assessment when you give it a potential risk scenario. We have an internal AI agent developer…
GRC Resources
Curated list of resources for people in GRC
Posted inInformation Security
C-I-A Score Calculator Tool
A demo tool to show how to practically use the CIA triad to rate an asset.
Posted inInformation Security Resources Risk Management
Security Risk Assessment Template (Qualitative)
If you do Security Risk assessments of a qualitative nature in your organization, you could use this template for detailed risk documentation. It has pages for describing the risk, evaluating…
Posted inInformation Security
What should be considered a “change”?
The legendary Ron Ross gives some guidance.
Posted inGovernance
What is a “legacy application”?
Four criteria that can be used to classify something to be "legacy"
Posted inFeatured Information Security Resources
ISO 27001 Gap and Maturity Assessment Templates
Two useful resources for people working on ISO 27001 - a Gap Assessment and a Maturity Assessment template
Posted inInformation Security Resources
Websites to Track Security Breaches & Cyber Incidents
List of websites where you can find information about security breaches
Posted inInformation Security Statistics
Security Maturity Benchmarks
Benchmarks of other companies and industries are very useful to GRC professionals. It is a good indicator to see how leaders, competitors, and the industry overall are positioned in terms…