KnowBe4’s New GRC Platform Takes the Bite out of Risk Management
KCM GRC allows organizations to eliminate the business disruption caused by the dreaded audit cycle, keep key employees focused on important work as opposed to sitting in meetings, and enable visibility into compliance and risk initiatives at all levels of the business. -Stu Sjouwerman, CEO
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that it has released a new, updated SaaS-based GRC platform featuring compliance management, policy management and risk management.
Most organizations leverage spreadsheets, documents and/or collaboration portals, as well as email threads and individual calendars to manage their GRC initiatives. These practices are inefficient, error-prone, costly, and present greater risk to the organization.
“KCM GRC allows organizations to eliminate the business disruption caused by the dreaded audit cycle, keep key employees focused on important work as opposed to sitting in meetings, and enable visibility into compliance and risk initiatives at all levels of the business,” said Stu Sjouwerman, CEO, KnowBe4. “It’s intuitive, easy to use and affordable. We’ve rounded out the requirements of what it takes to successfully manage GRC in a more convenient way.”
All organizations follow some type of regulation. Many need to comply with PCI-DSS, but often that is combined with other regulations such as HIPAA. Even if an organization is not required by law to comply with any regulations, there may be a need to follow an internal risk framework, internal policies & procedures, or an industry best practices framework such as NIST* or CIS**. Managing compliance for one regulation or framework is time consuming. Having multiple regulations becomes impractical to manage without automation.
Additionally, managing policy distribution and tracking attestation can be a challenging and time-consuming process.
KCM’s risk management workflow is simple: identify the risk, respond to the risk and monitor the risk. The KCM risk workflow is based on the well-recognized NIST 800-30 and integrates with the compliance features by allowing compliance or audit gaps to be escalated to the risk register. It identifies, assesses and monitors risk as well as gaps within organizations’ security programs.
For more information on KCM GRC, please visit https://www.knowbe4.com/products/compliance-manager-software.