White paper

GRC: Be Connected: Are policies your best cybersecurity ally?

Clear and concise cybersecurity compliance policies should be the first brick you lay in your cybersecurity foundation. Once a strong compliance base is established, organizations can operate more comfortably and efficiently. This message was conveyed during the 2023 GRC: Be Connected! experience sharing event in partnership with ISACA Belgium & Solvay Brussels School. The ISACA governance frameworks can help build this foundation. The programme included break-out sessions geared to both experts and non-experts. Compliance policies are like high-performance sports cars. They, too, must be fine-tuned, maintained, and monitored for performance and precision.

Although effective policy management might seem like a no-brainer, the many conflicting priorities faced by business leaders can see it fall to the bottom of an extensive list. The risks of not managing your policies effectively should provide sufficient incentive to prioritize and recognize the importance of policy management, though.

The importance of policy management lies in its definition: rather than being a one-off event, it is a continuing management process that requires regular adjustments to accommodate new technologies, updated legislation and advances in best practice. Setting your policies and procedures is the necessary first step. The ISACA frameworks are a good starting point for organizations that want to adopt a robust policy management approach.


Alexandra D’Archambeau, Cyber Security Consultant RSM Belgium

Topic: How to sell digital trust to the Board


Georges Ataya, Professor at Solvay Brussels School of economics & Management

Topic: Skills and roles for cybersecurity today


Laurent Deheyer,  Director – Head of SOC at Approach Belgium

Topic: Ransomware real case lessons learned: the role of governance


Marc Vael, President SAI.be; Global CISO Packaging & Color Management Danaher Corporation

Topic: Why should anyone (still) read your cybersecurity policy?


Tatiana Postil, Board member ISACA Belgium

Topic: Alice in Cyberland or eight GRC questions


Egide Nzabonimana, President ISACA Belgium

Topic: ISACA digital trust framework on cybersecurity trust


Laurie-Anne Bourdain, Data Protection Officer Isabel Group Board Member (ISC)²

Topic: How to ensure risk assessment makes sense?