Security Risk Advisors

Category: GRC

RSA Archer: Think “objectives” instead of core modules

July 10, 2014 | Posted in GRC by Scott Byrum

When we discuss Archer with our clients, we commonly begin the discussion on their use cases for the tool. We usually hear about the core modules that the client has purchased such as risk, compliance, policy, audit, or business continuity management… Continue Reading

Securing the Point of Sale Device

December 23, 2013 | Posted in GRC by Carl Angeloff

It has been confirmed by Target and American Express that 40 million credit and debit cards have been compromised across the retail chain's point-of-sale (POS) environment.  The breach occurred across most or all of Target's stores in the United Stat… Continue Reading

Streamline PCI compliance with a GRC Tool

December 9, 2013 | Posted in GRC by Scott Byrum

If your organization is required to be compliant with the PCI DSS, consider the following 4 ways that a GRC tool can help reduce common headaches.  If you’d like to discuss how to achieve these benefits with a GRC tool, send an email to scott.byrum@s… Continue Reading

Top 5 Benefits of Implementing a GRC Tool

October 1, 2013 | Posted in GRC by Scott Byrum

Audits, risk assessments, regulatory exams, vendor assessments, vulnerability scans, penetration tests, security incidents, policy exception requests, business continuity and disaster recovery plans… Is your organization drowning in this stuff? Is i… Continue Reading

ThreatView - August 2012 QSA vs ISA

August 21, 2012 | Posted in GRC by Carl Angeloff

Many organizations that must comply with the Payment Card Industry Data Security Standard (PCI DSS) are asking what the differences are between QSAs and ISAs and which direction they should take with their program. We address this question in the … Continue Reading