GRC

  • GRC Maturity Levels

    GRC Maturity Levels

    As explained in the previous article, GRC typically is a practice of tying together governance, risk, and compliance activities in an integrated program supported by organization, processes, and tools. In some form or other, organisations of all shapes and sizes are already engaged in GRC activities. However, depending on their industry and overall size, they might have different stages of advancement.

  • How to avoid an abandoned wreck

    GRC lessons learned

    In our lives before Alyne, we spent our days designing, implementing and reviewing security, governance and risk management solutions for companies of many sizes and industries across many different countries. We recently got to comparing notes on organisations that were highly successful in this space and others that we felt should have accomplished more and of course the companies that failed miserably.

  • Quantifying Operational Risk

    Quantifying operational risk is not an easy task - especially without a methodical approach. Poor measurement is getting increasingly expensive for many organisations, so we would like to discuss solutions using integrated risk management. 

  • Reactions, Advanced Search and Improved Speed

    Summary of Changes

    Alyne Reactions

    1. Reactions

    Reactions are a revolutionary feature that integrates social interactions to the Alyne Cyber Security, Risk Management and Compliance solution. Get insights which Controls are understood, supported, implemented or even seem to be confusing for your organisation.

    Reactions on Control Sets

    2. Reaction Summary

    You get consolidated statistics on reactions per Control Set to get an overview about how many members of your organisation have read, implemented, are supporting your Controls or even are confused with them.

    Advanced search by standards

    3. Advanced Search

    Since product launch, the search always has been a powerful feature to filter Control Sets based on keywords. Now we are adding Standards and Regulation to the search.

  • Real-time, baby! But in control.

    Summary of Changes

    Real-time

    1. Real-time

    Alyne real-time technology updates the screen within a second or less whenever you collaborate with colleagues.

    Access control

    2. Access Control

    Read and write access rights on Control Sets, Assessments, Controls and Reports enable fine-grained access control policies in your organisation.

    Risk Archive

    3. Risk Archive

    Risk Management now supports archiving of Risks and even Risk Tags.

  • RegTech will disrupt Regulatory Compliance in unexpected ways

    Regtech disruption

    There is a new buzzword rocking the financial services industry: RegTech.

    According to the easy algorithm of combining a short form of an industry to be disrupted with the suffix “-Tech”, RegTech stands for “Regulation Technology”. To explain it, we have to make a little excursion to last week’s hot topic in the form of FinTech (Financial Technology).

  • Report Editing, Advanced Filtering and a New Shiny Button

    Summary of Changes

    Alyne Report Remove Risks

    1. Remove Risks from Reports

    Removing Risks from Reports is new feature that includes a documented reason and a history log. Of course you have the ability to reinstate those risks again.

    Alyne Filter Reactions and Comments

    2. Filter by Comments and Reactions

    Last time we introduced Reactions on Controls. You now can filter Controls by Reaction and Comments. You also can filter Assessment Responses by Comments.

    Alyne Hold Button to Delete

    3. Secure Delete

    "Do you really want to delete...?" is pretty old-fashioned. Instead of a confirmation popup the user presses and holds the button for 2 seconds and releases to execute the delete.

  • Risk Management to the rescue

    Summary of Changes

    Secure File Evidence

    1. Risk Management

    Risk Management is our new module that makes the Alyne platform ready for a full-blown GRC journey.

    Task Management

    2. Task Manangement

    Alyne's Risk Management module is tightly coupled with the new Task Management that is the new general vehicle for managing action plans and task delegation.

    Secure Files everywhere

    3. Secure Files everywhere

    We took our top notch Secure Evidence technology for Assessments and make it available to all the other features at Alyne.

  • Secure File Evidence, Report Status and some comfort enhancements

    Summary of Changes

    Secure File Evidence

    1. Secure File Evidence

    Proudly, Alyne introduces Secure File Evidence as a top notch way of securely encrypting and storing files as evidence for Assessments and other Alyne features - in one of 12 storage locations (your choice).

    Report Status and Sign-off

    2. Report Status and Sign-off

    We brought draft, review and sign-off status to Reports including a secure audit log history about the changes made in the Report: who, what, when.

    Topic Sort in Assessments

    3. Topic Sort in Assessments

    When setting up the Assessment questions, you might want to have a different sort order for your topics. Here you go.

  • State of RegTech - Part 1: Emerging Categories

    Emerging Categories

    Since the emergence of the term RegTech in mid 2015, we have been actively monitoring the market as well as shaping it as much as we can through our product Alyne and thought leadership in this space. In the following, I would like to share my observations by attempting a categorisation of some of the players and providing some predictions for the future of the market and giving some insights into our own strategy at Alyne for the next months and years in the following blog posts of this series.

  • State of RegTech - Part 2: Market Predictions

    Market Predictions

    The term RegTech turned one year old a few weeks ago and in its short lifetime has already lived through a quick hype that I believe may be giving way to a touch of reality. In the second part of our blog series about the State of RegTech, I would like to attempt some predictions for the future of the RegTech market.

  • Taking traditional GRC to agile and integrated Risk Management

    Are you getting flash backs of your Motorola flip phone ringing during your risk meetings? Are your spreadsheets still colour coded in the original 16 colours Excel offered? Are your risk management and governance processes still stuck in the early 2000s?

  • Thoughts on GRC Content Marketing

    One of the essential steps in starting any business is creating awareness for your brand. You can have the greatest product in the world, but if your target group doesn't know about it, you will never make a sale. For me, marketing is also not at all about this traditional advertising pushing, which many people associate with the topic. It starts much earlier in identifying promising market potential, shaping a product to fit this demand, and then telling people about it in the least annoying way possible.

  • What is GRC?

    In today’s business world depending on the industry, you will come into contact more and more with the term GRC or “Governance Risk Compliance”. In certain circles this has come to be almost a kind of new management philosophy, that fills the whole working day of entire departments.

    We will launch an article series on this blog examining the various facets of IT security, Risk Management practices and the governance thereof and how they are currently applied within various organisations. During this examination, we hope that the esteemed reader will be able to recognise cases, pitfalls, and successes from their own areas of influence and take some value out of this content, to apply to their future endeavors in this topic.