Andrew on InfoSec GRC

Category: GRC Platform Development

  • GRC Platform Scope

    Concentrate on the Information Security Space, or the Operational Risk at the most

    • Define Objects:
      • Organizations
      • Assets
      • Authority (like Regs, Frameworks)
      • Glossary
      • Data Classifications and Atributes
      • Documents (Policies etc)
      • Risks
      • Controls
    (more…)

  • GRC Platform Development – inception

    Decided to spin this blog to document some of my GRC platform development.

    Some thoughts:

    Building a GRC platform isn’t an easy task, especially considering that different companies have different approaches to GRC processes. Some companies are less mature and require the barebones, other companies manage their GRC processes with lots of sophistication.

    (more…)

  • Sankey for MapGRC

    Project: MapGRC (Laravel 12, Multi-Tenant)
    Feature: Dynamic Sankey Diagram Visualization Page
    Goal: To create an interactive Sankey diagram that visually represents relationships between GRC entities (Libraries, Types, Objects, and Requirements) across user-defined steps or sections, allowing users to explore complex mappings in a structured, intuitive, and analytical way.

    (more…)