Discover how The University of Chicago Information Assurance team designed, launched, and scaled their enterprise-wide information security risk assessment program.
In this insightful webinar you’ll hear from Jessica Sandy, GRC Manager, and Gabe McElwain, IT Risk Analyst, as they share their experiences and lessons learned including:
- The decision behind selecting the NIST Cybersecurity Framework (CSF) and how they adapted it to fit the needs of their campus.
- The importance of nurturing relationships, raising cybersecurity awareness, and building a coalition of risk assessment participants.
- How they leverage Isora GRC from SaltyCloud as the backbone for their information security risk assessment program.
- The challenges they faced in scoring & reporting and how they addressed them to prioritize their efforts and deliver meaningful insights to their units, leadership, auditors, insurance providers, and board of directors.
- How they use an agile method to continuously scale and improve their program.