Archive

Deep-DiveDeep-Dive
🔎 Deep-Dive on Coveo's GRC Program w/ Pierre-Paul Ferland

🔎 Deep-Dive on Coveo's GRC Program w/ Pierre-Paul Ferland

Pierre-Paul Ferland has scaled Coveo's GRC program from startup to IPO. This deep-dive explores their technical architecture, tooling decisions, and engineering integration strategies.

Ayoub Fandi
Ayoub Fandi
ComplianceCompliance
⚙️ Why the Policy-as-Code revolution didn't happen (and what can we do?)

⚙️ Why the Policy-as-Code revolution didn't happen (and what can we do?)

On the back of the news of the acquisition of the Styra team behind Open Policy Agent by Apple, we'll discuss how Policy-as-Code has been fitting into GRC Engineering and the way forward.

Ayoub Fandi
Ayoub Fandi
PodcastPodcast
🎙️ The GRC Engineering Blueprint for the Public Sector w/ Dr. Ibrahim Waziri Jr.

🎙️ The GRC Engineering Blueprint for the Public Sector w/ Dr. Ibrahim Waziri Jr.

Insights from a leader who delivered ATOs across US Federal and worked on GRC Engineering in both the Cloud Service Provider and Consulting spaces

Ayoub Fandi
Ayoub Fandi
GRC EngineeringGRC Engineering
⚙️ GRC Engineer vs. GRC Engineering. Which one you need? Maybe both?

⚙️ GRC Engineer vs. GRC Engineering. Which one you need? Maybe both?

The 2x2 matrix that reveals why the industry is asking the wrong questions about your GRC maturity, assess if you need GRC Engineering, GRC Engineers or both.

Ayoub Fandi
Ayoub Fandi
GRC EngineeringGRC Engineering
⚙️ The GRC Engineering Maturity Model v1.0

⚙️ The GRC Engineering Maturity Model v1.0

The Complete Framework for Assessing and Advancing Your Organisation's GRC Engineering Maturity with Strategic Progression Pathways

Ayoub Fandi
Ayoub Fandi
GRC ArchitectureGRC Architecture
⚙️ Why DIY GRC Automation Breaks at Enterprise Scale

⚙️ Why DIY GRC Automation Breaks at Enterprise Scale

Why GRC Engineering principles that work in proof-of-concept fail when evidence collection automation drives your enterprise program scaling

Ayoub Fandi
Ayoub Fandi
AI in GRCAI in GRC
⚙️ Vibe Coding for GRC Engineering: A Practitioner's Guide

⚙️ Vibe Coding for GRC Engineering: A Practitioner's Guide

Master context engineering to generate custom GRC solutions for your actual environment and understand the 3 main use-cases for Vibe Coding in GRC

Ayoub Fandi
Ayoub Fandi
PodcastPodcast
🎙️ Why Cyber Risk Quantification is the mindset shift your GRC program needs w/ Tony Martin-Vegue

🎙️ Why Cyber Risk Quantification is the mindset shift your GRC program needs w/ Tony Martin-Vegue

Learnings from an expert who conducted ~1,000 FAIR assessments and showcases Cyber Risk Quantification and GRC Engineering is a match-made in heaven!

Ayoub Fandi
Ayoub Fandi
Systems ThinkingSystems Thinking
⚙️ Signal vs. Noise: The Mental Model That Transforms GRC Effectiveness

⚙️ Signal vs. Noise: The Mental Model That Transforms GRC Effectiveness

Why your green compliance dashboards are hiding real security gaps, and the simple So What? test that reveals what actually matters

Ayoub Fandi
Ayoub Fandi
PodcastPodcast
🎙️ Beyond The API: GRC Engineering in the Real World w/ Ange Ferrari

🎙️ Beyond The API: GRC Engineering in the Real World w/ Ange Ferrari

From Technical Pentester to Global CISO: Ange Ferrari's GRC Engineering Journey. Deep Dive with a Leader Who's Been There (METRO, AWS, IKEA)

Ayoub Fandi
Ayoub Fandi
GRC ArchitectureGRC Architecture
⚙️ GRC Team Topologies: When to Centralise, Distribute, or Build Platform Models

⚙️ GRC Team Topologies: When to Centralise, Distribute, or Build Platform Models

The Decision Framework from 150+ GRC Leader Conversations + Step-by-Step Implementation Roadmap for Building Teams That Scale

Ayoub Fandi
Ayoub Fandi
GovernanceGovernance
⚙️ Git-Based Policy Management: The Version-Controlled Future of Governance

⚙️ Git-Based Policy Management: The Version-Controlled Future of Governance

Transform policy lifecycle management from manual document chaos to automated Git + Markdown workflows that engineering teams already trust

Ayoub Fandi
Ayoub Fandi
FirstBack
1234
Next Last