If you have been following this website for a while, you might have noticed that a newsletter has been quietly running in the background. Ten issues in, I realized I never actually sat down and wrote a proper post about it. So here we are.
A bit of background
I have been building AllAboutGRC.com for almost a year now.
From the beginning, my goal was to create a place where GRC professionals could find useful resources, practical content, and honest perspectives on the field. But at some point, I started wanting to do more than just publish long-form content and wanted to share interesting things as they happened.
The thing is, for a long time, the GRC world is generally a very boring place… not exactly a hotbed of breaking news (like in AI, Crypto, Cloud etc). The most exciting thing that typically happened was a new tool release, an analyst report or the occasional new standard/framework. The biggest headline in recent memory was probably the release of NIST CSF 2.0, and even that took years of anticipation before it landed.
Then ChatGPT happened and things started becoming more interesting…
Why the newsletter
Almost overnight, there was something new happening in our space every single week – New AI security risk frameworks or AI governance guidances… GRC vendors integrating AI… Startups popping up… Regulators scrambling to catch up…
Also, I have this habit of bookmarking interesting stuff I find online and wanted to share it with people.
Both of these gave me the motivation to start the newsletter.
I wanted a format where I could share the most interesting things I had come across during the week, without it taking too much of anyone’s time. The goal was simple: five things worth reading, delivered every Sunday, in under ten minutes.
How it works
Each issue covers five items. These could be news articles, research, frameworks, tools, commentary, or resources that I found genuinely useful or thought-provoking during the week. They are things I actually read, bookmarked, or had shared with me.
A couple of principles I try to stick to:
- I always attribute and link to the original source: My job is to surface things, not to take credit for them. If I include a screenshot, it is only to highlight something specific. The whole point is to give you enough context to decide whether it is worth your time, and then send you to the original.
I try to lean towards current content, but GRC is a field where a lot of the best writing is evergreen. A well-written post about third-party risk or control design from two years ago can be just as relevant today. So I do not force recency for its own sake.
What writing it has done for me
Something I did not expect when I started was how much the newsletter would change my own habits.
Committing to five items every Sunday means I have to actually go out and find them. That sounds obvious, but it has made me genuinely disciplined about reading. I am constantly scanning, bookmarking, and filtering during the week.
And because I know I have to summarize something clearly enough for someone else to find it useful, I end up engaging with the material much more deeply than I would if I were just skimming.
The side effect has been that I feel more aware and up-to-date about what is happening in our industry than I ever have before. I am not just vaguely familiar with something because I saw a headline. I have actually read it, thought about it, and tried to distill it. That loop of reading, summarizing, and writing has also made things stick better. I remember more.
Honestly, that alone has made the newsletter worth doing, even setting aside whether anyone reads it. This is something I never anticipated.
Where to find it
I started out publishing the newsletter both here on the website and on Substack.
After a couple of issues, it became clear that was just duplicating work unnecessarily. Substack is simply a better experience for a newsletter: you can subscribe, read it in your email, and share it easily. So that is where it lives now.
You can subscribe at allaboutgrc.substack.com. You can also access it directly from the Newsletter link on the top menu.
It is completely free, and I have no plans to change that in the short term.
If you have been visiting this site and finding it valuable, I think you will enjoy the newsletter too. And if you have already been reading it, thank you!
Here are some quirky and memorable images I used for the newsletter so far!
