GRC & Me


When Governance, Risk, and Compliance (GRC) issues are in the headlines, it’s usually a bad thing. It’s only when a major data breach happens, or a company runs afoul of some regulation, that these important responsibilities get their time in the limelight. GRC & Me is here to shine a light on those…

LogicGate


    • Jul 23, 2024 LATEST EPISODE
    • infrequent NEW EPISODES
    • 23m AVG DURATION
    • 79 EPISODES


    Latest episodes from GRC & Me

    Optimizing Risk: GRC Is No Longer a Cost Center – It's a Business Enabler

    Jul 23, 2024 · 39:57

    Guests: LogicGate CEO, Matt Kunkel and CISO, Nick Kathmann. Historically GRC was viewed as one line in a budget sheet, but that is rapidly changing. GRC practitioners are elevating their programs with tools and technologies that aggregate data and story-tell situational risk, security, compliance changes and more so businesses can make risk-based decisions to move the needle forward. Matt Kunkel and Nick Kathmann will share why good security pays for itself, the role GRC plays in the boardroom and how to connect GRC programs to business impact.

    Shifting Gears To Quantify Risk with Netflix's Tony Martin-Vegue

    Nov 8, 2023 · 67:53

    Switching from traditional risk analysis methods like ordinal lists or red-yellow-and-green charts to more modern approaches like risk quantification requires a paradigm shift in how you think about measuring risk, but the increased accuracy, specificity, and reliability you'll gain by doing so pays dividends. On this episode of GRC & Me, Netflix's Tony Martin-Vegue joins LogicGate's Chris Clarke to explore the best ways to navigate this transition, how to learn and leverage popular risk quantification frameworks like Open FAIR, and why you shouldn't completely throw your colored charts out the window just yet.

    Please Hack Me: Hacking Companies for Good

    Oct 18, 2023 · 71:06

    They say it takes a thief to catch a thief, so why not a hacker to catch a hacker? That was the premise behind Ted Harrington's Independent Security Evaluators, a company dedicated to poking holes into other companies' cyber defenses — for the right reasons, of course. On this episode of GRC & Me, Ted takes LogicGate's Chris Clarke on a journey down the benevolent hacker's rabbit hole, where they discuss:

    • The difference between white box and black box testing (and which is better.)
    • Why carrying these exercises out can build trust and become a competitive advantage in third-party risk assessment.
    • Why it's important to shift your mindset from one that views security as an obstacle to one that views it as an opportunity.
    • Uncovering the unknown unknowns in cybersecurity.
    • How “defense in depth” strategies can put security teams a step ahead of threat actors.
    • The four traits that lead hackers to be successful, and why thinking like one can be an effective way to bolster your cyber defenses.

    Rockets, Radios, and Risk: How NASA Manages Uncertainty in Orbit

    Oct 4, 2023 · 61:09

    Few careers involve managing as much risk as one where you're responsible for launching humans riding gigantic rockets into outer space. That's exactly what Barrios Technology Chief Strategy Officer Ginger Kerrick did during her three-decade career working for NASA. On this episode of GRC & Me, Ginger joins LogicGate's Chris Clarke to discuss methods for developing methodical, standardized thought processes for risk decision-making in high-stakes scenarios, how NASA employees are trained to separate logic from emotion, how disasters can inform future mitigation planning, and why the most important part of managing risk is having the right leaders in place.

    Managing Risk on the Frontlines of the Financial Sector

    Sep 20, 2023 · 63:58

    One of the most high-profile risk events of the last year was the swift collapse of Silicon Valley Bank and other regional banks amid spiking interest rates. Part of the problem? The lack of a complete, comprehensive view of the risks these banks were facing — in particular, liquidity risk. Allstate Canada's Chief Risk Officer Jason Wang has spent his career assessing and analyzing risk in the financial services space, dedicated to anticipating and mitigating risks just like the one that sank SVB. On this episode of GRC & Me, Jason joins LogicGate's Chris Clarke to discuss the importance of building a holistic risk register, how to position risk management as a strategic enabler instead of a “revenue prevention” department, why it's critical to include your chief risk officer on the executive team, and more.

    Staying in the Fed's Favor: Navigating Government Contracts with Intel Federal's John Griffin

    Aug 22, 2023 · 59:50

    When doing business with the federal government and its myriad agencies, organizations are bound to run into plenty of mandates, regulations, and other requirements. Navigating them all can cause a headache for even the most detail-oriented compliance managers. On this episode of GRC & Me, Chris Clarke is joined by Intel Federal's Compliance Program Manager, John Griffin. Griffin draws on his decades of experience in federal contracting and working with government agencies at companies like Honeywell and Boeing to explore methods for better managing product development and performing diligence on third-party vendor relationships while operating under strict and stringent government standards and requirements. Plus, learn a few of Griffin's more creative methods for determining how risky a particular organization might be to work with.

    Building Robust Risk Cultures Through Collaborative Cyber Risk Management

    Aug 8, 2023 · 56:10

    Oftentimes, cyber risk teams are viewed as reactive “audit police,” swooping into projects to flag risks and forcing changes at key points. This approach can generate a resentful — even toxic — risk culture. There's a better way to build healthier risk cultures: Taking a more collaborative, embedded approach to cyber risk management by positioning cyber risk leaders as advisors and partners, working side-by-side with project teams from the start. On this episode of GRC & Me, Chris Clarke is joined by Cyberpink's Founder & Owner, Praj Prayag-Deb, to discuss how to shift your organization's risk culture toward this new approach, her formula for building successful cyber risk programs from scratch, how leveraging the right technology makes it all possible, and why adopting a growth mindset is critical for every cyber risk leader.

    Building Robust Risk Cultures Through Collaborative Cyber Risk Management

    Aug 3, 2023 · 56:17

    Oftentimes, cyber risk teams are viewed as reactive “audit police,” swooping into projects to flag risks and forcing changes at key points. This approach can generate a resentful — even toxic — risk culture. There's a better way to build healthier risk cultures: Taking a more collaborative, embedded approach to cyber risk management by positioning cyber risk leaders as advisors and partners, working side-by-side with project teams from the start. On this episode of GRC & Me, Chris Clarke is joined by GEICO's Praj Prayag-Deb, Head of Cybersecurity Risk, to discuss how to shift your organization's risk culture toward this new approach, her formula for building successful cyber risk programs from scratch, how leveraging the right technology makes it all possible, and why adopting a growth mindset is critical for every cyber risk leader.

    Using Cyber Risk Quantification to Make the Right Risk Decisions

    Jul 26, 2023 · 58:13

    Cybersecurity programs involve lots of moving parts, and they only grow more complex over time as technology becomes more advanced and cyber threats become more numerous and sophisticated. Cyber risk quantification can be a crucial tool for keeping up with shifting cybersecurity landscapes. On this episode of GRC & Me, Chris Clarke is joined by Protiviti's Daniel Stone, Director, and Tim Kelly, Associate Director, to discuss how cyber risk quantification can lead to better risk decision-making, how to beat analysis paralysis when you've got reams of risk data in front of you, and the best ways to use risk quantification to reduce reactivity and improve communication across your organization.

    Preparing for DORA, NIS2, and the new European push for cybersecurity

    Jun 28, 2023 · 34:17

    With information and cybersecurity incidents growing in frequency and severity, regulators in the European Union are hard at work devising new rules designed to incentivize organizations to harden their cyber defenses. On this episode of GRC & Me, Megan Brown sits down with Wizz Air's Andras Szabolcs, Cyber Risk Expert, and Peter Szigetvari, Operational Risk Expert, to break down the similarities and differences between two of these new European Union regulations — the Digital Operational Resilience Act, or DORA, and Network and Information Security Directive 2, or NIS2 — how they could affect nearly every company despite their official scope, and how organizations can prepare to comply with them using modern GRC technology.

    The Risks and Rewards of AI in Business Automation

    May 31, 2023 · 70:53


    In just a few months, artificial intelligence went from a fringe technology to full-speed ahead with the public release of ChatGPT. This fascinating technology has the potential to revolutionize how we automate our businesses, but there are numerous reasons to give pause before integrating it into your organization's operations. On this episode of GRC & Me, Dorian Cougias, Co-Founder and CEO of United Compliance Framework and Chris Clarke sit down to discuss the risks and rewards of embracing AI-driven automation, corpora management, data ownership, and the necessity of double-checking everything generative AI spits out.

    Positioning GRC as an Enabler with Integrated Data

    Feb 2, 2023 · 14:26

    On this episode of GRC & Me, Andy Ruse and Mike Curl, former Regulatory Data Manager at Honeywell, discuss the benefits of building dashboards from the bottom up, how to get organizational buy-in when it comes to change management, and Mike's unique culinary approach to executive reporting.

    Breaking Down Organizational Silos With a Common Risk Language

    Jan 19, 2023 · 23:54


    Getting everyone on the same page about the risks your organization is facing is a crucial part of effectively managing organizational risk. Unfortunately, it's also one of the hardest parts about effectively managing risk. On this episode of GRC & Me, Dimitrios Stergiou, Director of Information Security at Wayflyer, explains how risk quantification and proper use of standard frameworks can help you build a common language for understanding risk across your organization, break down organizational silos, and get buy-in for your programs.

    The Five Layers of a Mature GRC Program

    Jan 4, 2023 · 25:11


    On this episode of GRC & Me, Andy Ruse, LogicGate's President of Field Operations, sits down with Cooley's Mike Santos, Director of Security and Information Governance, to discuss his five-layer maturity model for building effective GRC programs, the different things a risk practitioner has to consider in decision making, and his own recommendations for maturing any risk program.

    Measurement as a Foundation for Communicating Risk

    Dec 21, 2022 · 9:59


    Properly measuring risk is the most important ingredient in effectively communicating risk, and communicating risk leads to a richer risk culture at your organization. On this episode of GRC & Me, we sat down with OKTA's Anthony Riley to hear his best practices for measuring and communicating risk.

    Building the Business Case for Getting the Right GRC Technology

    Dec 7, 2022 · 22:00


    This episode takes a deep dive into creating a business case for investing in GRC technology by proving its cost-saving impact. LogicGate CEO Matt Kunkel spoke with Michael Rasmussen, a renowned GRC expert, to discuss the past, present, and future of GRC spending. Listen to discover how to build a business case for upgrading to the latest and greatest in GRC.

    The Risks We Cannot See

    Nov 23, 2022 · 9:33


    On this episode of GRC & Me, we explore business resilience and the differences between proactive, reactive, and preemptive approaches to crisis management with Howard Mannella, Senior Staff of Global Business Continuity and Security at Udemy. We learn how Howard stays ahead of risks by focusing on their impact and how organizations of all sizes can evolve their GRC programs. Listen to the full episode for valuable insights any business can use to stay resilient.

    How to Build a Risk Practice

    Nov 9, 2022 · 16:51


    This episode tackles the essential topic of how to build and mature a risk program aligned with business objectives. Andy Ruse, LogicGate's president of field operations, recently caught up with James Bundy, practice director at cybersecurity consulting firm Optiv, to explore how businesses across all industries can create a holistic GRC program that contributes to real business growth. How can compliance requirements become business enablers? Listen to find out.

    Enhancing Your Business Continuity Framework in a Volatile Environment

    Oct 26, 2022 · 17:12


    LogicGate's Megan Phee sat down with Jason Wang, Chief Risk Officer at Synergy Credit Union, to explore the importance of creating or refining business continuity plans in the face of volatility. Business continuity plans help you make critical decisions before you need them. Otherwise, you make those decisions during a business-impacting event when every hour matters. Listen to the full episode to hear Jason's valuable advice for making enterprise-wide decisions to improve your resilience.

    Going Paperless & Improving GRC Processes

    Jul 27, 2022 · 19:03

    Making things easier and less paper-bound through digital technology is a top priority for many organizations, especially when it comes to their GRC initiatives. In this episode, LogicGate's Megan Phee is in London with UAE-based Proxis founder and managing director, Tina Chugani. Join us as Megan and Tina talk about the concept of process digitalization and trends that Tina is seeing within her region. Plus, how technology is helping to make it rain in the desert. Learn more about Proxis at proxis.me. Make sure to visit agility.logicgate.com to learn how you can join us at our GRC user conference in Downtown Chicago on September 22nd and 23rd at the Swissotel Chicago or virtually. Hope to see you there!

    Prices Are Rising. How to Prepare for Inflation Now & Later.

    Jul 13, 2022 · 16:42

    With prices increasing across the board, it is getting harder to avoid inflation's risk and a potential recession. In this episode, LogicGate CEO and host Matt Kunkel sits down with John Hotchkiss, Fairway Independent Mortgage Company's Chief Risk Officer. Join us as Matt and John look at how inflation will affect the risk landscape and how best to prepare.

    GRC & Chill: Kickstarting Your Risk Management with Quantification

    Jun 29, 2022 · 15:53


    When people think of GRC, generally, they tend to categorize it within the framework of financial or regulated sectors. Even the entertainment business needs GRC. In this episode, Megan Phee is joined by Tony Martin-Vegue, Senior Information Security Risk Engineer at Netflix, who shares his risk quantification journey, how to get tactically started, and how risk quantification can provide positive business outcomes.

    Teaming Up to Solve Third-Party Risk

    Jun 28, 2022 · 23:21

    Welcome to a special edition of GRC & Me featuring the audio version of LogicGate's newest eBook on Third-Party Risk Management. This audio eBook reveals:

    • How to effectively manage third-party relationships (hint: it's not with spreadsheets)
    • Steps to building a robust third-party risk management program that connects ALL the dots
    • Why third-party risk management is everyone's business
    • How an interconnected risk program helps you calculate, communicate, mitigate, and report third-party risks

    Ready to get proactive with your Third-Party Risk Management strategy? Visit logicgate.com today!

    Quick Wins for Your GRC & InfoSec Journey

    Jun 1, 2022 · 28:24


    Great conversations leave you wanting more and that is exactly what happened when LogicGate's own Megan Phee appeared with James (Jim) Rees on Razorthorn's podcast. So when they both felt like there was more to discuss, we invited Jim to join us on GRC & Me. Jim is Razorthorn's Managing Director and Principal Security Consultant with decades of experience in information security. He has worked with some of the largest and most influential organizations worldwide. In this episode of GRC & Me, Megan and Jim continue their chat on the ever-changing complexities of compliance, how regulatory models ask for consistency, and quick wins for those starting on their InfoSec and GRC journeys.

    Go Big and Go Global! How Global Standards Can Benefit the GRC Community

    May 4, 2022 · 15:24


    At GRC & Me, we like to go big or go home. In this episode, we do just that and take on the topic of global standards. We brought in the perfect person for the task, Rob Fulcher, Head of Sales for the Americas at CUBE. Rob chats with LogicGate's Director of International Sales, Megan Phee, about why we find ourselves in our current regulatory situation, how and where global standards can help, and how new technology can help or hinder the future state of regulatory standards.

    Has the ‘Great Resignation’ Created the ‘Great Reflection’ for Organizations?

    Apr 20, 2022 · 12:20


    It seems like everywhere you look there's a new article about the “Great Resignation” and the challenges with keeping talent. Businesses, regardless of industry, are being impacted. So where do we go from here? In this episode of GRC & Me, LogicGate's CEO, Matt Kunkel, and new Chief People Officer, Caroline Werner, chat about the reality of the current talent landscape, what they've learned from the last few years, and how they're adjusting their strategies to help adapt.

    Vendor Risk Management Programs Demystified

    Apr 6, 2022 · 26:33

    Our customers' success means a lot to us at LogicGate. That is why we decided to have none other than Szuyin Leow, VP of Customer Success, as a guest host. Szuyin sits down with one of our rockstar customers, Stephen Crouch from Texas Mutual. Stephen is a risk analyst in the workers' compensation insurance space and at Texas Mutual, he quickly got involved with revamping the vendor risk management program. In this episode, Stephen recounts his GRC journey. He highlights how he has seen vendor risk management evolve, plus other reflections and best practices to build successful vendor risk management programs.

    Navigating Internal Audit Personalities and Challenges

    Mar 23, 2022 · 19:35


    We decided it was time for some inner reflection here at GRC & Me. Or, in GRC terms, an Internal Audit. Guest host Heath Anderson, LogicGate's Information Security Leader, does just that as he goes in-house and turns the mic on LogicGate's own Security Compliance Manager, Elizabeth Walker. Elizabeth is a fountain of knowledge for LogicGate and the GRC community. In this episode, Elizabeth defines what internal audit means, her perspective on the players, personalities, and challenges, and some valuable tips from her playbook.

    Why Your Board Cares About Resiliency and Agility

    Mar 9, 2022 · 14:34


    At the end of last season, we learned how resilience, agility, and integrity are perfect additions to GRC practices that merit more focus. In this episode, we kick off season five of GRC & Me and continue this discussion by looking deeper into resiliency and agility. To get us there, LogicGate's CEO, Matt Kunkel, speaks with Chris Patteson, The Risk Wrangler, to help us understand what resiliency and agility mean for organizations and their boards.

    GRC Trends in 2022 (Part 2): Integrity & Environmental Social Governance

    Jan 19, 2022 · 15:15

    For centuries philosophers have given us the four cardinal virtues: prudence, justice, fortitude, and temperance. For the GRC community at large, there is more than enough room to add to these to cover our unique world and its dealings. At LogicGate, we think that resilience, agility, and integrity are perfect additions. In our season 4 finale of GRC & Me, LogicGate CEO Matt Kunkel and GRC expert Michael Rasmussen covered resilience and agility. In this episode, the two are back to discuss integrity and apply it to the latest GRC trend, ESG or Environmental, Social, and Governance.

    GRC Trends in 2022 (Part 1): Resilience & Agility

    Jan 5, 2022 · 15:28

    It's a new year, and that means new resolutions. Move over pushups and pilates; we're kicking off the new year with a two-part podcast meant to get your 2022 off to a great start. If you are looking to have a more resilient and agile GRC program — and to find out how these two intersect with GRC practices and why they matter — then you have come to the right place! In this episode of GRC & Me, Michael Rasmussen and our CEO Matt Kunkel discuss why resiliency is critical for a risk management program. Michael also provides insights into how agility aligns with your organization's strategic plans.

    What "Holistic GRC" Actually Means and Why it Matters

    Dec 22, 2021 · 19:37

    Have you ever wondered what exactly holistic GRC is? What does it look like, and what do people really mean when they say a “holistic GRC program”? In this episode of GRC & Me, returning guest Dustin Owens, VP of Cyber Risk and Resilience at Kivu Consulting, will break down all the what's, how's, and why's regarding holistic GRC programs and platforms. Dustin also shares some GRC stories about how companies use a holistic GRC approach to achieve business outcomes.

    How to Effectively Communicate Risk Stories

    Dec 8, 2021 · 25:50

    Have you ever worried about how you should communicate risks to the board? How much data can they handle? In this episode of GRC & Me, we are joined by Richard Seiersen, who has previously worked for Twilio, GE, and LendingClub as CISO, was a co-founder of Soluble that was acquired by Lacework in 2021, and is currently the Chief Risk Officer at Resilience Insurance. His books include How to Measure Anything in Cybersecurity Risk and The Metrics Manifesto: Confronting Security with Data. Together with Mark Tattersall, VP of Product at LogicGate, we get the skinny on what kind of conversations are happening at the board level and what they really want to see and hear, plus, the rise of insurtech, technology being a driver for consistency, and how all these topics inspired Richard to write his books.

    Take The Guesswork Out of Your Threat Landscape Assessments

    Nov 17, 2021 · 11:14

    Do you see cybersecurity troubled waters coming your way but don't know how to navigate the storm? With a good course charted, a strong and united crew, and a savvy captain you can navigate even the scariest of threat seas. In this GRC & Me episode, we are joined by Adam Gladsden, a third-party risk advisor who heads up the risk advisory practice at SecurityScorecard. Adam guides us as we look at the current cyber threat landscape, the connection to the enterprise's third-party and cyber risks, and how it affects all risk categories. We also discuss how organizations can improve and mature their third-party risk programs.

    Reduce Uncertainty Around Risk with Quantification

    Nov 3, 2021 · 18:51

    What does a “high” risk mean to you? What does it mean to your colleague? Does your organization have multiple risks marked as “high” but it's hard to figure out which one to focus on first? If you answered yes to the last question, risk quantification may be the right fit for you. However, risk quantification has proven to be a popular and complex subject. That is why we invited Bob Maley, Chief Security Officer at Black Kite, to talk to us about how risk quantification helps risk pros use quantification to make sense of qualitative data and effectively communicate risk across an organization. Bob is CRISC, CTPRP, and an Open FAIR™ certified risk quantification expert who has led state-of-the-art risk management programs. In this episode of GRC & Me, Bob discusses the importance of risk quantification and how it can help organizations make better strategic decisions. We also discuss how Black Kite's Open FAIR™ based solution calculates the probable financial impacts of cyber breaches and how it communicates risks in quantitative, easy-to-understand business terms so that organizations can risk smarter and with confidence.

    The Secret Sauce for a Successful GRC Implementation

    Sep 15, 2021 · 16:04

    Charlie Meyer is LogicGate's Implementation Services Manager. In his role, he has served at the helm of countless implementation strategies for GRC solutions. Charlie provides guidance for best practices for implementation and shares real-world examples of how companies have run successful launches with a GRC provider. While Charlie primarily works in the initial implementation process, he advises customers to maintain a relationship with their GRC provider and look for ongoing opportunities for improved services and applications.

    The Principles of Privacy

    Aug 4, 2021 · 28:19

    Jason Wang, Chief Risk Officer at Synergy Credit Union, joined the financial institution to build out and enhance its enterprise risk management functions, including a disaster recovery and pandemic response framework — all just before the start of the pandemic. Jason's forethought and preparation positioned Synergy to successfully navigate COVID-19. In this episode of GRC & Me, Jason shares his experiences chairing Synergy's COVID-19 Committee and discusses how to evaluate new risks that have emerged within your company in the aftermath of the pandemic. Jason also speaks to the importance of understanding Environmental Social Governance (ESG), why it's here to stay, and what you should be doing about it. Jason believes that everyone is a risk manager in your organization and provides strategies to help you create company-wide buy-in for mitigating risk and protecting your data.

    A Conversation on Risk Quantification

    Jun 16, 2021 · 14:25

    Dustin Owens' extensive background in GRC began with an undergraduate degree in computer information systems. When he realized programming wasn't his professional calling, he transitioned to the security and cybersecurity space — now, he's accrued 25 years of experience in the field. After being introduced to risk quantification in 2003 as part of the National Security Agency's INFOSEC Assessment Methodology, Dustin hasn't looked back. As LogicGate's Principal GRC Architect, he focuses heavily on how risk quantification can help obtain consistent risk findings that are accurately defined in monetary terms. In this episode of GRC & Me, Dustin breaks down why organizations have much to benefit from adopting risk quantification practices to better assess, manage and respond to risk. Plus, it helps organizations better prioritize the activities that require more attention and investments. “It makes it very easy to compare risk mitigation activities and whether they do risk acceptance or transfer risk, based on the amount of impact that that risk has to the business,” explains Dustin, which allows organizations to “see if it makes sense to go in one direction versus another.”

    The Results Are In! 2021 Risk Manager Insights

    Jun 2, 2021 · 12:27

    LogicGate's Chief Marketing Officer Gina Hortatsos joins the podcast to discuss the findings. One of the surprising results is that while the vast majority (91%) acknowledged the importance of GRC programs to their organization, only 45% of survey respondents said their current programs are extremely effective.

    Resilience Beyond Business Continuity Planning

    May 19, 2021 · 16:45

    How can you best articulate the value of your security program to non-security professionals in your organization? Or even to board members? It starts with asking questions. Five of them, to be exact. Emily Heath, DocuSign’s Chief Trust & Security Officer, covers five questions or pillars to ensure you’re able to confidently speak about your company’s security program. In this episode of GRC & Me, Emily returns to the podcast to discuss her advice for organizations seeking to drive transparency and competence with both their board of directors and customers. Because the pandemic has changed the risk landscape, Emily believes that the world of GRC must become more resilient. By that, she means organizations should improve their ability to rebound with minimal impact to business. A global pandemic has taught both organizations and people that risk is everywhere. And while Emily, who also serves on the board of directors for LogicGate and NortonLifeLock, is determined to help organizations prepare for risks, she also finds time for the small things, such as the cooking blog she began during the pandemic.

    Why Artificial Intelligence is Relevant to Regulatory Compliance

    May 5, 2021 · 15:41

    Brian Clark has had a front-row seat to both sides of the regulatory compliance coin: He was a regulator during the post-financial crisis in 2008. Years later, he transitioned to being a chief compliance officer and general counsel. With such varied experience, the president and founder knew exactly what he set out to solve when he founded Ascent in 2015: simplifying the knowledge work required to keep up with regulations and maintain compliance. To help clients build and automate repeatable compliance programs, Ascent employs artificial intelligence (AI) to produce knowledge sets and streamline processes — for example, it can produce an output in two minutes for a task that could take humans thousands of hours (it’s true!). In an episode of GRC & Me, Brian explains why AI is the right tool for the job because it allows “people to unlock their potential and their time to focus on different activities.”

    Aligned and Agile GRC

    Apr 21, 2021 · 24:39

    Peter Berger and David Ngu both work for global consulting firm Protiviti in the Netherlands, helping clients figure out how to integrate governance, risk management, and compliance technology into their workplace. In this episode of GRC & Me, Peter and David provide some of their valuable insights about how to incorporate agile GRC technology to make sure it’s actually doing its job to help manage the risks in your company and ensure your business is aligned so successful risk governance can take place and nothing slips through the cracks. We all face risks in our daily lives, now more than ever. Peter and David are here to help companies handle them with agility and flexibility, and stay tuned: they’re even offering listeners a complimentary consulting session to talk about GRC technology and agile risk governance. Reach out to Peter and David directly: peter.berger@protiviti.nl & david.ngu@protiviti.nl

    Exploring Risk Cloud Exchange

    Apr 7, 2021 · 15:47


    Just what is Risk Cloud Exchange (RCX) and what benefits could it offer your organization? These questions are explored on this episode of GRC & Me with LogicGate’s Amrutha Sivakumar and Emily Affinito.

    Is GRC a Subset of Cybersecurity?

    Oct 7, 2020 · 17:54


    Is GRC a Subset of Cybersecurity, or is it the other way around? In this episode of GRC & Me, Megan chats with Scott Jordan, Principal and Partner of Agile GRC Solutions. Scott discusses how security and GRC work together, the impact of market disruptors, the concept of “risk transferring,” and being mindful of “security landmines.”

    After nearly two decades in tech, including stints at the Big Four security firms, Scott Jordan is on his 148th governance, risk, and compliance (GRC) implementation. Now the principal and partner at Agile GRC Solutions, Scott puts it simply on this episode of GRC & Me: “I’ve seen a few things in the market.” Specifically, he’s watched as companies large and small have become more vulnerable to ransomware and other types of cyberattacks. While assessing the damage, he’s spotted a few common mistakes, which he calls “security landmines.” GRC tools like LogicGate are powerful and necessary, but they work best when the humans wielding them are doing their due diligence. That’s where Scott and his experience come in. That is, if he can resist the tempting job offer from his eight-year-old daughter...

    Adapt to Change with Flexible Data Models

    Sep 16, 2020 · 16:11


    Legacy technology’s grasp on GRC processes is slowly loosening. As LogicGate’s Director of Customer Success Szuyin Leow explains, it appears the future is here, thanks to flexible data models. A former cybersecurity consultant, Szuyin now helps LogicGate’s customers leverage the flexible data model that powers the risk cloud platform the company is recognized for. Adaptability is key across any industry, and that’s what this model specializes in, even in a climate with many unknowns. In this episode of GRC & Me with host Megan Phee, Szuyin explains that compared to rigid data models, flexible ones let organizations “slot things in where they're needed” when external changes force a shift within data structures and new requirements must be implemented. Still, the grass isn’t always greener. Too much design and customization can pose an obstacle for organizations building out their data structures, but Szuyin and her team encourage them to follow LogicGate’s best practices. Can you guess how flexible data models benefit industries outside of GRC? That’s what the LogicGate Risk Cloud IRL competition will reveal.

    Return to Work with Confidence (and avoid GRC Pitfalls)

    Sep 1, 2020 · 16:06


    When the effects of COVID-19 began to tear across industries, GRC Technology Manager Priyam Shah didn’t hesitate to pivot PwC’s services to support their customers. Because PwC resolves complex GRC issues across various industries, Priyam says its collaboration with LogicGate was natural to support the facilitation of the “return to work” program PwC created as a part of its pandemic response. In this episode of GRC & Me with host Megan Phee, Priyam discusses how the PwC x LogicGate Risk Cloud™️ relationship helped organizations bring their workforce back to the office by providing the necessary controls and processes. She also shares thoughts about what to consider as you discover the right tools and solutions for your programs as well as rising trends in the GRC landscape. Then Megan and Priyam discuss common pitfalls faced by companies along with different points of the GRC journey. When it comes to your governance structure, what do you think is preventing you from seeing the value you need? (Hint: Enabling all your programs at once!)

    A Conversation on Risk Language

    Aug 18, 2020 · 15:45


    Asureti co-founder and Practice Director, Melissa Ryan, has been fascinated with language for as long as she can remember — and she has the spelling bee record to prove it. Since she’s worked with people across business operations, the multi-faceted data protection expert has seen firsthand how a common language can bridge gaps between departments, allowing for truly valuable and meaningful conversations. That technical jargon flying across your teams? It actually pulls your organization further apart. Melissa uses a risk rating matrix, for example, to better facilitate communications with clients. These tools — or points of reference like taxonomies — contribute immeasurable value when they are defined through a shared language and then used across the business. “We find that leaders who are leveraging these common definitions, these standard rating, and translation tools, and incorporating them into a GRC technology are truly finding enhanced value,” explains Melissa. Here’s the key: Make sure the underlying structure, calculations, and design of the common language of your tools and technology are consistent. Ready to learn how to connect the dots between the teams in your risk organization?
