Quantivate Blog

Governance, Risk & Compliance (GRC) Education and News

Building Resilience Into IT Risk Management
Operational resilience has become a hot topic in compliance and risk management circles. The ability to absorb business disruptions like data breaches or critical service downtime and continue to function places organizations in an advantageous position. Because disruptions can and will occur with increasing frequency, IT and cybersecurity leaders need to consider how to build resilience into their risk management strategies. A good starting point for any effective operational resiliency program is to shift…
Read More >
Common Pitfalls of GRC Technology Selection
GRC technology selection
Governance, risk management, and compliance (GRC) is something an organization does, not buys—yet for GRC management to be successful and sustainable for the long term, it needs to be supported by a technology platform. Before selecting the right GRC platform, organizations need to understand their current management processes and develop a strategy that sets the stage for increased efficiency, effectiveness, agility, and cross-department collaboration. Choosing a GRC Solution Many solutions may have the capabilities…
Read More >
How Are You Managing Data Privacy? Navigating CCPA Compliance
data privacy compliance
The era of the wild west of tech is slowly coming to an end. There is increased pressure on Congress to pass a national data privacy law, and many states have independently been passing their own laws to protect consumer privacy—the largest of which is the California Consumer Privacy Act (CCPA). California’s attorney general recently released some enforcement case examples as part of an update on the first year of enforcement measures. Additionally, a…
Read More >
Where ESG and Risk Management Intersect: A CRO’s Guide
Financial institutions are starting to review the implications of environmental, social, and governance (ESG) practices and how they can work to shape a better future. While regulatory focus is currently targeting large institutions, smaller firms should also be considering what they can do at a localized level and how ESG intersects with building best-in-class risk management practices. When regulators begin to prioritize a policy area such as ESG compliance, risk professionals need to start…
Read More >
Common Pitfalls of GRC Technology Evaluation
GRC technology evaluation
Over the past few decades, a broad range of governance, risk, and compliance (GRC) management solutions have entered the market. Research firm GRC 20/20 has mapped over 800 different GRC technology solutions, and the space continues to grow. This abundance of options complicates organizations’ ability to effectively evaluate, select, and implement the right GRC platform. Some organizations are looking for a niche tool to help them address regulatory burden or a specific risk area…
Read More >