Skip to content

all about GRC

GRC resources for IT, Cyber Security & Audit professionals

  • Risk and Controls Database
  • About
Top Stories
How to make an Cyber Risk Assessor using ChatGPT Projects
February 15, 2026
GRC Resources
January 13, 2026
C-I-A Score Calculator Tool
August 24, 2025
Security Risk Assessment Template (Qualitative)
August 9, 2025
What should be considered a “change”?
June 7, 2025
What is a “legacy application”?
May 18, 2025
ISO 27001 Gap and Maturity Assessment Templates
April 26, 2025
Websites to Track Security Breaches & Cyber Incidents
April 20, 2025
Security Maturity Benchmarks
April 1, 2025
How to get into GRC
November 24, 2024
Vulnerability Remediation: how fast should you patch?
November 24, 2024
Industry Benchmarks
November 3, 2024
Security Maturity of critical infrastructure operators in Germany, 2024
November 3, 2024
Risk Register Template for Information Security
November 1, 2024
Free CIS Critical Security Controls v8 course
October 13, 2024
SAP achieves NIST CSF Tier 3
October 7, 2024
NIST CSF’s popularity
October 6, 2024
CISO stress report
October 6, 2024
Insider Threat scenarios from Carnegie Mellon
September 30, 2024
GRC function’s budget: 1% of annual revenue
September 29, 2024
Free Risk Management courses from NIST
September 25, 2024
Recommended: an NIS2 webinar from Metricstream and Deloitte
September 25, 2024
Qualitative is still king
September 25, 2024
NIST CSF 2.0 Maturity Assessment
September 22, 2024
RBI’s IT and Security Requirements
September 22, 2024
GRC tools
September 22, 2024
DORA Gap Assessment Template
September 21, 2024
Popular Posts

NIST CSF 2.0 Maturity Assessment

Risk Register Template for Information Security

ISO 27001 Gap and Maturity Assessment Templates

Security Risk Assessment Template (Qualitative)

Editor's Choice

GRC tools

How to get into GRC

Security Maturity Benchmarks

GRC Resources

Posted inRisk Management

How to make an Cyber Risk Assessor using ChatGPT Projects

I recently made an AI bot at my company that does an initial risk assessment when you give it a potential risk scenario. We have an internal AI agent developer…
Posted by Arun Sivadasan February 15, 2026
GRC Resources
Posted inCurated Featured Resources

GRC Resources

Curated list of resources for people in GRC
Posted by Arun Sivadasan January 13, 2026
C-I-A Score Calculator Tool
Posted inInformation Security

C-I-A Score Calculator Tool

A demo tool to show how to practically use the CIA triad to rate an asset.
Posted by Arun Sivadasan August 24, 2025
Security Risk Assessment Template (Qualitative)
Posted inInformation Security Resources Risk Management

Security Risk Assessment Template (Qualitative)

If you do Security Risk assessments of a qualitative nature in your organization, you could use this template for detailed risk documentation. It has pages for describing the risk, evaluating…
Posted by Arun Sivadasan August 9, 2025
Posted inInformation Security

What should be considered a “change”?

The legendary Ron Ross gives some guidance.
Posted by Arun Sivadasan June 7, 2025
Posted inGovernance

What is a “legacy application”?

Four criteria that can be used to classify something to be "legacy"
Posted by Arun Sivadasan May 18, 2025
ISO 27001 Gap and Maturity Assessment Templates
Posted inFeatured Information Security Resources

ISO 27001 Gap and Maturity Assessment Templates

Two useful resources for people working on ISO 27001 - a Gap Assessment and a Maturity Assessment template
Posted by Arun Sivadasan April 26, 2025
Websites to Track Security Breaches & Cyber Incidents
Posted inInformation Security Resources

Websites to Track Security Breaches & Cyber Incidents

List of websites where you can find information about security breaches
Posted by Arun Sivadasan April 20, 2025
Security Maturity Benchmarks
Posted inInformation Security Statistics

Security Maturity Benchmarks

Benchmarks of other companies and industries are very useful to GRC professionals. It is a good indicator to see how leaders, competitors, and the industry overall are positioned in terms…
Posted by Arun Sivadasan April 1, 2025
How to get into GRC
Posted inCareer

How to get into GRC

One of the common questions that I get from people: how someone could get into Governance, Risk, and Compliance (GRC)
Posted by Arun Sivadasan November 24, 2024

Posts pagination

1 2 3 Next page

GRC Communities

  • GRC Engineering Podcast
  • GRC subreddit
  • NIST Controls Discord server

Recent Posts

  • How to make an Cyber Risk Assessor using ChatGPT Projects
  • GRC Resources
  • C-I-A Score Calculator Tool
  • Security Risk Assessment Template (Qualitative)
  • What should be considered a “change”?

Category

  • Career
  • CISO
  • Compliance
  • Curated
  • Featured
  • Governance
  • Information Security
  • Organization
  • Resources
  • Risk Management
  • Solutions
  • Statistics
Copyright 2026 — all about GRC. All rights reserved.
Scroll to Top
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.