LeeRayl

Hey #InfoSec family

My heart was lifted this morning reading about the Delve issues and I am ready for it.

I just posted to LinkedIn that I am available to help organizations using tools like Delve, Vanta, Drata, etc… to evaluate their current GRC programs and help them make Risk based decisions on assurances and assessments.

GRC is my jam, compliance is my happy place, controls, I love them, and I have time.

Heck, maybe you’re stuck in this position and need someone to help get back on track, I got you.

So many companies are about to get rocked through TPRM and the “Show me your SOC 2” is not going to be enough.

If you have ever had to meet the GRC requirements of a big financial company or other highly regulated industry, you know the time required to meet the need, your clients will start demanding the same.

Oh, and the insurance industry must be losing their minds now that there is a massive question on security and liability.

Anyway here’s my LinkedIn post if you want to share it, or use it to reach out. https://www.linkedin.com/posts/leerayl_if-your-team-iswas-using-delve-or-any-of-share-7441904958955962369-yaU-

If your team is/was using Delve or any of the “GRC Platforms” and realize the current state of GRC platforms providing assurances is bunk, I can help. I have watched the space for years, worked with… | Lee Rayl

If your team is/was using Delve or any of the “GRC Platforms” and realize the current state of GRC platforms providing assurances is bunk, I can help. I have watched the space for years, worked with many of them, and understand the appeal but they have created a market for themselves that do not serve you. I am a Certified InfoSec Manager, GRC Engineer, InfoSec Program Manager with SOC 2, ISO 27xxx, ISO 42001, TISAX, and FedRAMP/NIST CSF, RMF, AI RMF, 800 53, GDPR, HIPAA, and EU AI Act. I am available to help you find the right level of compliance within your governance requirements to help you move into a more complete and comprehensive solution for your organization. I believe this work is important and requires more than a SaaS solution, it requires humans, tools, and collaboration to prove compliance and meet emerging governance challenges. Before you find out your SOC 2 is worthless because it was rubber stamped by a partner of your software, let me help you get on track, find a good firm that uses professional auditors, and build the assurance model you thought you were getting with that GRC tool. I am currently available to help.

LinkedIn
Mar 23 at 6:05pmWeb
Show threadLeeRayl2d ago

Because I do silly stuff, I went to the Delve.co career site and they list a Senior GRC specialist role for hire.

Now I am not gonna kick them while they are down but maybe that should have been a hire a long time ago….

Maybe hiring GRC experts is a good thing for your GRC tool/platform when building trust as a new player in the space.

Pretty sure AI would have told you that….

A breach of trust is still a breach. Reputation in a trust industry is all you got.

#InfoSec