Reciprocity

San Francisco, CA, USA
2009
Jan 13, 2022   |  By Reciprocity
Businesses have always had to manage risk – everything from operational, financial, or strategic risks; to other risks that are reputational, regulatory, or cybersecurity-related. So how does enterprise risk management (ERM) work today, when so many businesses are moving so much of their operations into the cloud? How can CISOs and other senior executives take traditional ERM principles and apply them to the cloud-based technology that underpins so much of the modern enterprise?
Jan 13, 2022   |  By Reciprocity
Risk culture is the set of shared beliefs, attitudes, and understanding among a group, usually in a corporate environment, about risk and risk management practices. A company has a strong risk culture when all employees understand the business and regulatory landscape in which the organization functions, and what risks are acceptable within that landscape to achieve business objectives.
Jan 10, 2022   |  By Reciprocity
The past two years have brought about significant disruptions to global supply chains. Recent headlines have focused on labor shortages and their impact on everything from product production to shipping delays. However, another, more significant supply chain issue should be top of mind for every organization: supply chain attacks.
Jan 6, 2022   |  By Reciprocity
Most organizations use at least some (and perhaps many) external vendors in their daily operations, sometimes even to provide mission-critical services or supplies; we’ve discussed them before as third-party vendors and the risks they bring. Indeed, most businesses today already consider third-party risk management in their overall cybersecurity protocols.
Jan 6, 2022   |  By Reciprocity
Amazon Web Services (AWS) is a cloud platform designed to meet the growing demand for cloud computing worldwide. AWS provides a set of cloud services such as storage, analytics, blockchain, business applications, security, and machine learning. Within this cloud environment is Amazon Simple Storage Services (S3), a cloud storage solution bringing scalability, data availability, security, and performance to companies of any size through so-called “buckets” or data containers.
Jan 4, 2022   |  By Reciprocity
The need for versatile and affordable solutions for storing and processing data in enterprises makes cloud computing an increasingly attractive IT strategy. Cloud computing provides flexible and easy-to-use solutions. It can also be more cost-effective than traditional storage methods that require a physical server and hardware at your corporate premises, which is one of the reasons why businesses often make the switch.
Jan 4, 2022   |  By Reciprocity
Managing third-party risk is a bit like throwing a fancy party. Everyone wants to attend, but you have to assure that only the most essential and top-rated VIPs get past the velvet rope. So you check attendees’ credentials at the door. Every company uses a third-party vendor or contractor at some point. Whether you are purchasing raw materials or outsourcing specialized processes, working with third parties can help you achieve a competitive advantage and cost savings.
Jan 4, 2022   |  By Reciprocity
Data theft can devastate any company, resulting in lost profits, regulatory enforcement, litigation, and reputational damage that can be difficult to overcome. Every organization must protect its customer data and assure that sensitive information is kept safe. That said, the data in your company’s possession is held in different states – and each of these states has particular vulnerabilities. A security tactic that works for one state may be inefficient for another.
Dec 22, 2021   |  By Reciprocity
Last week one of the country’s top banking regulators published its semi-annual report on risks to the financial system, and to no surprise cybersecurity risk was near the top. The more one ponders the findings, however, the more you can see insights about cybersecurity, internal control, and innovation that are worth the time of a compliance professional in any sector.
Dec 21, 2021   |  By Reciprocity
A digital security risk is any action or event that could cause loss of or damage to computer software, hardware, data, processing capability, or information. Digital risk management is an organization’s effort to keep such risks at acceptable levels. It’s crucial to understand that a risk is not the same as vulnerability. A risk is any event that could lead to an undesired outcome or loss. A vulnerability, on the other hand, is a weakness that can be exploited.
Aug 24, 2016   |  By Reciprocity
Watch how ZenGRC makes compliance easier for your compliance manager.
Aug 9, 2016   |  By Reciprocity
Watch how ZenGRC makes compliance easier for your compliance manager.
Jul 28, 2016   |  By Reciprocity
While Microsoft Excel is flexible and powerful, it’s not designed to track compliance initiatives. Some companies can get away with using an Excel spreadsheet for simple compliance requirements. However as your organization matures the need for compliance software will quickly grow.
Jan 29, 2019   |  By Reciprocity
In an increasingly litigious society, you need technology that allows you to create business strategies based on these risks so that you protect your organization from the mistakes others make.
Jan 29, 2019   |  By Reciprocity
Get best practices for purchasing and implementing a GRC software tool and get tips on how to leverage your tool for ongoing success.
Jan 1, 2019   |  By Reciprocity
Learn how to scope PCI-DSS requirements for your business.
Jan 1, 2019   |  By Reciprocity
This paper explores several dimensions of Vendor Risk Management. First, why are vendor risks proliferating-why now, and where do they come from? Second, what steps are necessary to manage vendor risks? And third, how can CISOs and compliance officers implement those steps in a practical way, so you don't spend all your time chasing vendors with risk management protocols?
Dec 1, 2018   |  By Reciprocity
Compliance is a process and you need to understand the right steps to take at the right time. This eBook provides a roadmap for understanding where you fit on the compliance spectrum, how to measure trade offs between growth and compliance, and practical tips for dealing with auditors as you move through the compliance process.
Dec 1, 2018   |  By Reciprocity
When companies first determine they need a formal compliance program, many are unclear if they need a compliance tool to manage it. Many companies turn to Microsoft Excel as the compliance tool of choice when first undertaking a GRC program. This eBook covers where Excel makes sense and how to know when your program has outgrown Excel.
Nov 1, 2018   |  By Reciprocity
Find out how to simplify your compliance program and maximize your return on investment with this eBook.
Nov 1, 2018   |  By Reciprocity
Struggling with GRC? It's Time to Take Charge. Learn how ZenGRC can help you solve your biggest compliance headaches.

ZenGRC -- the first, easy-to-use, enterprise-grade information security solution for compliance and risk management -- offers businesses efficient control tracking, testing, and enforcement.

ZenGRC is the SaaS remedy for legacy GRC heartburn. ZenGRC streamlines control management to provide tangible value because it speeds up audit and vendor management tracking and consolidates risk mitigation tasks. Since ZenGRC only takes 6-8 weeks to implement, you can speed compliance allowing your teams to focus on security work while saving time on mundane tasks keeping you safer.

Power Up Your Team and Accelerate Time to Value with ZenGRC:

  • Simple Deployment: Rapidly deploy a risk management and compliance program so you can focus on the security in information security compliance.
  • Unified Control Management: Map controls across multiple frameworks for visibility into defense mechanism strengths and weaknesses.
  • Centralized Dashboard: Access key metrics to build a compliance program that responds to the protection your information security program provides.

Compliance and Risk Management Made Simple.