It’s time to turn GRC on its head and move beyond the outdated “check the box” model of compliance. By definition, to operationalize something means to set something up so that it can be measured. This talk will demonstrate how CISOs and their peers can measure their GRC program against metrics, and use continuous monitoring to mature beyond reactive compliance to take a proactive risk-based approach.

1) After completing this session, the participant will be able to measure their GRC program against metrics, and use continuous monitoring to mature beyond reactive compliance to take a proactive risk-based approach.

2) After completing this session, the participant will be able to use company-wide risks to manage GRC.

3) After completing this session, the participant will be able to measure the current state of their GRC programs using dashboards and analytics. 4) After completing this session, the participant will be able to up-level their current GRC programs to a truly operationalized approach.