To All Spreadsheet Masters: We know who you are!
Posted July 1, 2011, 10:48 am by Matt Peterson
Matt Peterson
We know you are out there! You live your life based upon a spreadsheet. Your finances, sports team statistics, your Star War's collection, your wedding, and even the number of times you mow/fertilizer/aerate your lawn. We get it. Not only does this spreadsheet addiction personify the person you are, but you validate for everyone else that you are 'that guy'.
When performing a PCI assessment, risk assessment, or tracking vulnerability trending, you are the person everyone clamors around because you are the most organized and can easily pull it together. True, a few more of you are savvy enough to have entered into the cloud computing space using solutions, such as, Google Docs. The element that remains is that often times such solutions aren't adopted throughout the organization leaving a void in the ability for more than one person to adequately manage your risk and compliance efforts on an ongoing basis. Then again, you might be violating company policy by using Google Doc's or a platform similar to it.
I'm not asking you to stop writing those spreadsheets - they serve a purpose, but they do have a life expectancy when it comes to managing risk and compliance on a daily basis and ensuring that data is up to date. There are several cost effective GRC type SAAS platforms out there that can be customized to your needs. Such solutions, offer you the ability to streamline your efforts, increase productivity, monitor compliance, and have the ability to maintain a real time understanding of your risk and compliance program. When implemented as they are designed, you too, will once again be recognized as the go-to person. These solutions can save you money when it comes to engaging with a PCI QSA, working with a third party consulting firm to perform a risk assessment, or having a security assessment performed to show trends over time.
The times for SAAS based GRC solutions to meet organization needs are mature and should be adopted. You'll find that they can be easily integrated into any environment, allowing multiple resources to provide input and response in order to dynamically maintain your risk and compliance needs on a daily basis. The threat landscape changes rather consistently, You should too!
You must be logged in to post comments.
Comments
No Comments