Governance, Risk Management, and Compliance blog articles to provide you with knowledge

GRC platform
Consultancy
Courses
Resources
- Blog
- Guides & white papers
- Video academy
- GDPR
- ISO 27001
- NIS2
- PCI - DSS
- GRC Defined
About us

ENGLISH
GERMAN
NORWEGIAN
DANISH
SWEDISH

Explore NorthGRC

A blog about GRC (Governance, Risk Management, and Compliance)

Neupart transforms into NorthGRC

How will NIS2 impact an information security manager?

GDPR Compliance: Bridge the Gap

Choosing the right business continuity scenarios for your BCP

The three golden rules of a business continuity plan

How to Handle a GDPR Breach

Do you need to explain what ISO 27001 is?

Risk assessments must align with business goals

Here's how to get management support for information security initiatives

A compliance planning tool gives information security managers an automatic plan

Five great tips for security officers with sole responsibility for information security

ISMS: The value you can measure is the value you deliver

Information Security: How to get the most out of limited resources

GDPR: You prepare more records of processing activities than you should

GDPR: You Passed the Test – Now What?

To Assess, Or Not To Assess

GDPR: Make It Easy to Do It Right

Dear IT Manager: GDPR is not your responsibility – but it is your task

Why You Should Be Carrying Out a Risk Assessment

GDPR Compliance: You do not need to carry out an exhaustive dataflow analysis

The EU GDPR: Three tips that will save you time, money, and worrying.

Continuous Compliance with the GDPR

Data Protection Officers - Who Needs Them?

Personal Data Protection - How Hard Can It Be?

How to comply with the EU GDPR

Risk Assessments - What are they for?

Hacking online meetings

Risk assessment is a process - 3 reasons to do it again (and again)

How to make compliance interesting. A guide to awareness campaigns

Why should managers be interested in information security?

Updating Information Security Policies: Adapting to ISO 27002 2013

How to measure ISO 27001 ISMS efficiency with KPIs

Has ‘Plan-Do-Check-Act´disappeared in the new ISO 27001?

New Webinar series on Information Security Management best practice

The new ISO 27001 is out! How to develop a Statement of Applicability

How to assess your business risks when going cloud

IT Risk Management increases your IT outsourcing success

Six questions about the ISO 27001 revision (with answers)

Three ways the ISO 27001 revision will affect your company

4 responsible shortcuts to good enough risk assessments

All posts

GRC blog

The NorthGRC blog offers advice and knowledge of effective information security management, security strategies, risk management, compliance with information security standards and other requirements, business continuity planning, ISO2700x, EU Data Protection Regulation, PCI DSS, etc.

Subscribe to newsletter

Learn about Governance, Risk Management, and Compliance.

Popular Posts

Search the blog

Search

Explore NorthGRC

THE PLATFORM
COURSES
WHITE PAPERS

CONSULTANCY
ABOUT US
BLOG

Since 2002, NorthGRC has empowered organizations to navigate complex regulatory requirements and operational risk. We provide expert guidance and a comprehensive GRC platform to support compliance with ISO 27001/2, NIS2, GDPR, DORA, and a wide range of other standards.

© 2025 NorthGRC - Privacy policy

[fa icon="chevron-up"]