ISO 27001 Compliance in 18 Months

When a lost deal with the world’s largest healthcare company revealed a critical gap in SimpleRisk’s compliance posture, it set us on an 18-month journey to achieve ISO 27001 certification. From assessing our maturity and closing governance gaps to leveraging AI and tackling a rigorous third-party audit, we turned a challenge into an opportunity to enhance our operations and platform.

What's New With SimpleRisk 20241106-001 Release

What's New With SimpleRisk 20240930-001 Release

What's New With SimpleRisk 20240927-001 Release

What's New With SimpleRisk 20240909-001 Release

Your GRC, Your Way: Introducing SimpleRisk’s Flexible Pricing Model

Ready to take control of your GRC strategy like never before? SimpleRisk's new pricing model eliminates confusion, aligns functionality with your needs, and brings transparency to both On-Premise and Hosted deployments. Explore custom packages, automatic discounts, and our intuitive Pricing Configurator—making your GRC journey truly simple.

Certified in 18 Months: Lessons from SimpleRisk’s ISO 27001 Journey

On September 26, 2024, SimpleRisk proudly earned its ISO 27001 certification after a focused 18-month effort to refine security practices and address control requirements. Despite personal hurdles, their journey highlights how dedication and the right tools make ambitious compliance goals achievable.

What's New With SimpleRisk 20240818-001 Release

What's New With SimpleRisk 20240819-001 Release

What's New With SimpleRisk 20240726-001 Release

What's New With SimpleRisk 20240603-001 Release

What's New With SimpleRisk 20240318-001 Release

"How to Model Security Maturity in Your Organization" Webinar Recap

Check out this recap of the webinar, "How to Model Security Maturity in Your Organization," co-hosted by SimpleRisk and GRC 20/20. This webinar helped equip participants with a clear roadmap on how to establish a security maturity baseline within their own organizations, create a desired state of maturity, and identify where gaps exist in order to achieve their objectives.

What's New With SimpleRisk 20240205-001 Release

7 Strategies to Mature Your GRC Program

Check out this guest blog from Michael Rasmussen of GRC 20/20 to learn about seven strategies to mature your existing GRC program for enhanced efficiency and effectiveness.

What's New With SimpleRisk 20240102-001 Release

What's New With SimpleRisk 20231103-001 Release

New SEC Cybersecurity Regulation – What to Know

The Securities and Exchange Commission (SEC) released its final rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, effective mid-December 2023. Check out this blog to learn what this ruling entails, how this new regulation may impact your organization, and what your organization needs to do to ensure compliance.

What's New With SimpleRisk 20231006-001 Release

Getting Your Information Security Program Off the Ground

Struggling with where to begin with your Information Security Program?  Learn how taking a risk-centric approach can help accomplish your goals.

What's New With SimpleRisk 20230331-001 Release

What's New With SimpleRisk 20230106-001 Release

What's New With SimpleRisk 20221013-001 Release

8 Simple Ways to Effectively Launch Your GRC Program

Learn the 8 fundamentals we recommend to establish an effective Enterprise Risk Management process from the ground up, which will set the stage for a successful GRC program rollout.

What's New With SimpleRisk 20220909-001 Release

What's New With SimpleRisk 20220823-001 Release

What's New With SimpleRisk 20220701-001 Release

Using the ISO 27001 Control Framework with SimpleRisk

ISO 27001 has become the most requested framework to use within SimpleRisk.  In this blog post you will learn about the different ways you can use their controls with our platform.

5 Reasons Why SimpleRisk is Disrupting the GRC Space

How can a relatively new vendor enter a mature market that has a multitude of established players and, with no outside funding, differentiate itself from the competition to make a global impact? Read on to learn how SimpleRisk is doing just that. 

The Massive Benefits of Using a Common Control Framework with Your GRC Program

Struggling with managing compliance across multiple different control frameworks?  Learn how a common control framework can help you to simplify your compliance, saving you time and money.

What's New With SimpleRisk 20220527-001 Release

What's new with the SimpleRisk 20220401-001 release?

What's new with the SimpleRisk 20220306-001 release?

What's new with the SimpleRisk 20220122-001 release?

Compliance 101: Back to Basics

Let’s go back to the basics and break down what enterprise compliance is and how you can use it to ensure your organization is conforming with its stated requirements.

What's new with the SimpleRisk 20211230-001 release?

What's new with the SimpleRisk 20211115-001 release?

What's new with the SimpleRisk 20211027-001 release?

What's new with the SimpleRisk 20211010-001 release?

These CISOs GRC is Failing Them And I Know Why

Today I attended a CISO roundtable where a number of the attendees talked about their GRC platforms that have taken over a year to "connect all the wires" and they're still in the process of implementing. I know why their GRCs are failing them and there is a better way.

SimpleRisk Free and Open Source vs. Fully Featured Platform

Curious about SimpleRisk’s product offerings and available functionality? Read on to learn about our flexible deployment models – from free and open source to fully-featured GRC platform!

How To: Manage Personnel Changes in SimpleRisk

Explore your options for managing personnel changes in SimpleRisk.

What is GRC-as-a-Service?

SimpleRisk partners with various MSSP providers to give customers a one-stop "GRC-as-a-Service" offering.  Learn more about how this works and whether the SimpleRisk GRCaaS platform may be a good fit for your organization.

What's new with the SimpleRisk 20210930-001 release?

What's new with the SimpleRisk 20210625-001, 20210630-001 and 20210713-001 releases?

How SimpleRisk Can Meet Your Custom GRC Requirements

What is the right way to do risk management?  We hear this question fairly frequently on calls with prospects and my answer is always the same.  There is no "right way" or "wrong way" to do risk management.  There's only your way...

 

What's new with the SimpleRisk 20210305-001 release?

What's new with the SimpleRisk 20210121-001 release?

What's new with the SimpleRisk 20201123-001 release?

What's new with the SimpleRisk 20201106-001 release?

Simplifying the NIST Cybersecurity Framework with SimpleRisk

Learn how to use SimpleRisk's Import-Export and Risk Assessment Extras in order to efficiently use the NIST Cybersecurity Framework's controls to assess your organization's risks and perform a control gap analysis.

The SimpleRisk 20180104-001 Release and The Future Direction of SimpleRisk

What's new with the SimpleRisk 20200711-001 release?

What's new with the SimpleRisk 20201005-001 release?

SimpleRisk Stands Against Hate

At the end of June 2020, a civil rights coalition, which includes the Anti-Defamation League (ADL) and the NAACP, launched the #StopHateforProfit campaign.  This campaign calls upon major corporations to put a pause on Facebook advertisements, citing the company's...

How to Use Standards to Assess Your Organization's Cybersecurity Maturity (by SimpleRisk)

On March 29, 2019, Alex Polimeni and I presented at the BSides Austin conference on some of the work we've ...

GRC is Dead, Long Live GRC!

Recently, a friend sent me a blog post by John A. Wheeler of Gartner entitled "What Ever Happened to GRC?".  In ...

The Origin of SimpleRisk - A Founder's Story

Every comic book superhero has a story behind them describing how they overcame some form of adversity in ...
