≡ Menu


There’s been a recent thread on LinkedIn I thought was interesting on the topic of what we should stop doing. I once had a CISO that came into the role – he was made aware that over 100 reports were being run on a monthly basis for the business. He asked what they were for and didn’t get a satisfactory response. He ordered IT Security to stop producing them. He received 2 emails complaining about it.

Decision Trees

Decision Trees are a great way to map out automated tests. Using them can simplify your design and help discussions with stakeholders as the decision points are easy to show and explain.  [continue reading…]

Extracting Data in ServiceNow

This short article will cover:

A simple way to extract all information from your ServiceNow from a given workflow area (Change Requests, Service Requests, etc)

Read More…

Automated Compliance Testing

We’ve worked in IT GRC (Governance, Risk, and Compliance) for over 10 years. One of the promises of GRC tools is that they can automate compliance.

But what does this mean? Does it mean compliance is automatically tested and computed based on input data?
Read More…