Back to All Events

San Diego March Event In-Person and Online: Risk is good: A Hacker's Guide to Managing GRC When you don't have a killer refresh rate

  • XiFin, Inc. 12225 El Camino Real San Diego, CA, 92130 United States (map)

“We turned tribal knowledge into a repeatable, auditable playbook — think blue‑team discipline with rogue‑hacker swagger.

What we did:

  • Recon: Interviewed engineers, architects, analysts, and leaders to expose undocumented ops and inconsistent controls.

  • Exploit the gaps: Mapped policies, SOPs, and GRC to reveal missing/ineffective controls and untracked risks.

  • Score & Prioritize: Work with second line of defense to standardized risk scoring (likelihood × impact) aligned to NIST/ISO.

  • Deploy the framework: Process → Risk → Controls with owners, templates, review cadences, and preventive/detective/corrective controls.

  • Ship culture: Accessible docs, continuous monitoring, and training to make resilience repeatable.

Result: From chaotic scripts to a hardened playbook — proactive risk management that works.

SPEAKER: Curtis Jones - Technology Analyst II at LPL Financial

DETAILS:
Date: Thursday, March 19
Time: 12:00 - 1:15 p.m.
Location: In-Person and Online via Zoom
CPE: 1

ON PREMISES
XiFin, Inc.
12225 El Camino Real
San Diego, CA 92130
Attendance capacity is limited to 50

ONLINE
Online access is available via the chapter’s Zoom account (registration below).
Attendance capacity is 500

REGISTER here to attend on-premises
REGISTER here to attend online
Earlier Event: March 12
Webinar—CMMC: Requirements, Roles, and Professional Credentials
Later Event: April 23
Collaborative ISACA San Diego & SecurityStudio Academy Coffee Talk: Charting Your Education & Career Path In Today’s Complex Landscape