How GRC solutions help companies meet GDPR requirements

In May 2018, companies raced to the finish line to achieve GDPR compliance. Because it was the first year of GDPR, many industry experts expected that no companies would be fined. That is all going to change in the year ahead. In January 2019, Google was hit with the first major GDPR fine of $57 million, putting an end to the unspoken grace period. Companies should recognize this…

ISO 27001 Control A.5

A.5 Security Policies A.5.1 Information Security Policy To provide management direction and support for information security in accordance with business requirements and relevant laws and regulations. A.5.1.1 Information Security Policy Document A set of policies must be defined, approved by management, published and communicated to employees and relevant external parties. The policies must be led by business needs, alongside the applicable regulations and legislation affecting the organisation too. These policies need…

What is ISO 20071:2003?

ISO 27001 is the international standard which is recognised globally for managing risks to the security of information you hold. Certification to ISO 27001 allows you to prove to your clients and other stakeholders that you are managing the security of your information. ISO 27001:2013 (the current version of ISO 27001) provides a set of standardised requirements for an Information Security Management System (ISMS). The standard adopts a process based…

Requirement of GRC

The news headlines continue to report on fines imposed by regulators, a myriad of corporate bribery and fraud, and the challenges of driving business growth. This trend only serves to highlight that despite recent investment in compliance, internal audit, risk management, and corporate governance disciplines, significant assurance gaps exist in most corporations. While isolated incidents of one-time governance failures are bound to occur, long-term systemic failures are more than just…

GRC with RPA

What is Robotic Process Automation (RPA)? According to Gartner, RPA is the recalibration of human labor to drive business outcomes. RPA is low cost: it costs about 1/3rd of offshore and 1/5th of onshore employees. It is quick to implement and unobtrusive. It can work with zero human error. It is commonly used for reporting, accounts payable, customer feedback capture and sales quote preparation. What is Governance, Risk management and…