Compliance

Stakeholder ManagementGRC ArchitectureGRC Collector CardsGRC Market PulseGRC EngineeringAI in GRCGRC as a ProductCompliancePodcastVendor RoundtableRisk ManagementSystems ThinkingDeep-DiveGovernance
ComplianceCompliance
⚙️ The Zillow Effect in GRC: When Platforms Perform Control Testing

⚙️ The Zillow Effect in GRC: When Platforms Perform Control Testing

How GRC automation shifted from evidence storage to active control assessment, and what that means for your audit relationship and your GRC Engineering practice

Ayoub Fandi
Ayoub Fandi
ComplianceCompliance
⚙️ Automating Quarterly Access Reviews: GRC Engineering in practice

⚙️ Automating Quarterly Access Reviews: GRC Engineering in practice

The Step-by-Step GRC Engineering Practical Guide to Leveraging Existing IAM Infrastructure to automate Quarterly Access Reviews and get better visibility

Ayoub Fandi
Ayoub Fandi
ComplianceCompliance
⚙️ Why the Policy-as-Code revolution didn't happen (and what can we do?)

⚙️ Why the Policy-as-Code revolution didn't happen (and what can we do?)

On the back of the news of the acquisition of the Styra team behind Open Policy Agent by Apple, we'll discuss how Policy-as-Code has been fitting into GRC Engineering and the way forward.

Ayoub Fandi
Ayoub Fandi
ComplianceCompliance
⚙️ Designing Controls Where Compliance is an Afterthought

⚙️ Designing Controls Where Compliance is an Afterthought

Transform compliance-driven GRC programs into security-first systems that reduce business risk, automate evidence collection, and earn executive trust

Ayoub Fandi
Ayoub Fandi
ComplianceCompliance
⚙️ Control Orchestration: The Missing Link in Enterprise Compliance Programs

⚙️ Control Orchestration: The Missing Link in Enterprise Compliance Programs

Driving Consistent Security Control Execution in Complex, Mixed-Technology GRC Environments

Ayoub Fandi
Ayoub Fandi