When a lost deal with the world’s largest healthcare company revealed a critical gap in SimpleRisk’s compliance posture, it set us on an 18-month journey to achieve ISO 27001 certification. From assessing our maturity and closing governance gaps to leveraging AI and tackling a rigorous third-party audit, we turned a challenge into an opportunity to enhance our operations and platform.

In today’s complex business world, managing risks and compliance shouldn’t feel chaotic. Discover how SimpleRisk, as highlighted by Michael Rasmussen, the "Godfather of GRC," streamlines governance, risk, and compliance with efficiency and agility. Learn why organizations are switching to this game-changing platform in our latest blog post!

On September 26, 2024, SimpleRisk proudly earned its ISO 27001 certification after a focused 18-month effort to refine security practices and address control requirements. Despite personal hurdles, their journey highlights how dedication and the right tools make ambitious compliance goals achievable.

Struggling with where to begin with your Information Security Program?  Learn how taking a risk-centric approach can help accomplish your goals.

Let’s go back to the basics and talk about what governance is and how you can use it to ensure that the information that reaches your executive team and other key stakeholders is complete, accurate and timely.

Today I attended a CISO roundtable where a number of the attendees talked about their GRC platforms that have taken over a year to "connect all the wires" and they're still in the process of implementing. I know why their GRCs are failing them and there is a better way.

SimpleRisk partners with various MSSP providers to give customers a one-stop "GRC-as-a-Service" offering.  Learn more about how this works and whether the SimpleRisk GRCaaS platform may be a good fit for your organization.

What is the right way to do risk management?  We hear this question fairly frequently on calls with prospects and my answer is always the same.  There is no "right way" or "wrong way" to do risk management.  There's only your way...

Learn how to use SimpleRisk's Import-Export and Risk Assessment Extras in order to efficiently use the NIST Cybersecurity Framework's controls to assess your organization's risks and perform a control gap analysis.

At the end of June 2020, a civil rights coalition, which includes the Anti-Defamation League (ADL) and the NAACP, launched the #StopHateforProfit campaign.  This campaign calls upon major corporations to put a pause on Facebook advertisements, citing the company's...

Before starting SimpleRisk, I sat in the CISO chair, on the other side of the negotiating table.  I learned the tricks ...

Every comic book superhero has a story behind them describing how they overcame some form of adversity in ...