A blog about GRC (Governance, Risk Management, and Compliance)

Neupart transforms into NorthGRC

Do you need to explain what ISO 27001 is?

How will NIS2 impact an information security manager?

GDPR Compliance: Bridge the Gap

Choosing the right business continuity scenarios for your BCP

Secure ISMS Version 6.0

Risk assessments must align with business goals

How does the ISO 27001:2013 affect your risk management process?

Here's how to get management support for information security initiatives

A compliance planning tool gives information security managers an automatic plan

ISMS: The value you can measure is the value you deliver

Information Security: How to get the most out of limited resources

How to assess your business risks when going cloud

GDPR: You prepare more records of processing activities than you should

GDPR: You Passed the Test – Now What?

To Assess, Or Not To Assess

GDPR: Make It Easy to Do It Right

Dear IT Manager: GDPR is not your responsibility – but it is your task

Why You Should Be Carrying Out a Risk Assessment

Continuous Compliance with the GDPR

Product Release: Secure GDPR

Data Protection Officers - Who Needs Them?

How to comply with the EU GDPR

Risk Assessments - What are they for?

Hacking online meetings

Risk assessment is a process - 3 reasons to do it again (and again)

How to make compliance interesting. A guide to awareness campaigns

Why should managers be interested in information security?

Updating Information Security Policies: Adapting to ISO 27002 2013

How to measure ISO 27001 ISMS efficiency with KPIs

Has ‘Plan-Do-Check-Act’ disappeared in the new ISO 27001?

New Webinar series on Information Security Management best practice

The new ISO 27001 is out! How to develop a Statement of Applicability

IT Risk Management increases your IT outsourcing success

Six questions about the ISO 27001 revision (with answers)

Three ways the ISO 27001 revision will affect your company

4 responsible shortcuts to good enough risk assessments

GRC blog

The NorthGRC blog offers advice and knowledge of effective information security management, security strategies, risk management, compliance with information security standards and other requirements, business continuity planning, ISO2700x, EU Data Protection Regulation, PCI DSS, etc.
