Phil Wilson

About Phil Wilson

Contact Methods

  • Skype
    GRC Sphere

Profile Information

  • Gender
    Not Telling
  • Interests
    Industry-driven Crowdsourcing and Benchmarking
  • Company Name
    The GRC Sphere
  • Sector
    Governance Risk Compliance (GRC)
  • Affiliations
    Baldrige Performance Excellence, NIST CSF
  • Country
    United States
  1. Phil Wilson

    Multi-User CSA's

    Hi All, We are interested in finding out how many members are using some sort of Control Self-Assessment (CSA) instrument, model, app, template or tool. For instance, are you using a self-created CSA on Excel or Word? The reason that we are asking this is to see if any of you have explored the use of a CSA tool that is designed for multiple users. Let us know your thoughts as well as how you are currently measuring your company's progress in implementing the NIST Cybersecurity Framework (CSF). Thank you, Phil Wilson The GRC Sphere http://GRCsphere.org
  2. Phil Wilson

    Scoping the Effort

    Our organization has received numerous questions from our members on the number of implied controls and implementation requirements that we need to implement, based on the current 98 lower-level control objectives that we find in the Rev 1.1 Draft. We did an assessment of CSF 1.0 using Common Controls Hub and came out with just over 1,000 specific requirements. Let us know if you have completed a Scoping assessment of 1.1. Thanks! Phil Wilson The GRC Sphere www.GRCsphere.org
  3. Phil Wilson

    To choose right CMS

    I'd suggest looking into the superlative Drupal architecture which is especially strong in the areas of integration and extensibility, or if you'd prefer check out an e-commerce platform that uses Drupal 7 as an underlying infrastructure: cloudnet360.com. The latter will save you a lot of development dollars!
  4. Phil Wilson

    List of Existing Mappings and Add-Ons?

    Hi Jack, Tom, Greg; You may be familiar with our members' use of the Common Controls Hub, which is not only the largest database of external regulatory requirements, but also contains comprehensive and detailed GRC configuration capabilities. Please opt-in for free at http://grcsphere.pwcstores.com/select-role and we will provision an account for you. Again, no charge. We are looking forward to the release of the Mapper, which supersedes all the work we have done in the past on spreadsheets, but does not obsolete our own mapping work. For those more technically inclined, we have a graphical programming tool that offers expert system support and we are using this Member facility to build advanced NIST CSF tools for industry-driven crowdsourcing and benchmarking. We have a foundation paper on this if you're interested. Phil