GRC Games

The Risk Register Is Not a Document
By the time the quarterly risk review arrived, the register looked polished. Each entry had an owner, a score, a treatment status, and a target date. The color coding was clean, the categories were complete, and the summary slides translated...
Multi-Factor Authentication
The organization had already implemented multi-factor authentication across its core systems, at least on paper. Engineering teams had integrated MFA into primary authentication flows, and audit reports reflected broad coverage across in-scope applications. From a distance, the control appeared complete....
Welcome to the Work: What This Site Is, and What It Isn’t
This site began with a simple goal: to give shape to the kinds of conversations that often unfold outside formal channels—after the meeting has ended, between functions navigating ambiguity, or once the audit has concluded but the discomfort still lingers....