The point of my catchy title is not to remind you of the popular 80’s Tom Cruise movie (though most of you are probably already hearing the opening piano riff from Bob Seger’s Old Time Rock & Roll racing through your mind). My intent is to explain the ‘Risky Business’ of waiting too long to begin a governance, risk and compliance program.Read more

Tommy Thompson

Tommy Thompson is True's Director of Program Development Services, specializing in IT GRC and security program initiatives. Tommy has implemented successful IT GRC programs from start to finish, gaining valuable experience and lessons learned to develop a proven, proprietary True IT GRC Framework Methodology used to guide clients to IT GRC success. Tommy has presented at multiple IT conferences; served as a Director of the Product Enhancement Committee for a leading GRC Platform software solution; and has consulted multiple Fortune 100 and 500 companies.

More Posts

Perhaps one of the biggest questions facing the leadership of businesses and organizations in today’s Governance, Risk, and Compliance space is “What do I do first when it comes to implementing an IT GRC Program?  Do I procure an IT GRC software solution (platform) first and then implement the program while building out and configuring the platform?  Or, do I first develop and implement an IT GRC program and then procure an IT GRC platform down the road?  And, if the latter is the case, how do I know when the right time is to begin that procurement?”Read more

Tommy Thompson

Tommy Thompson is True's Director of Program Development Services, specializing in IT GRC and security program initiatives. Tommy has implemented successful IT GRC programs from start to finish, gaining valuable experience and lessons learned to develop a proven, proprietary True IT GRC Framework Methodology used to guide clients to IT GRC success. Tommy has presented at multiple IT conferences; served as a Director of the Product Enhancement Committee for a leading GRC Platform software solution; and has consulted multiple Fortune 100 and 500 companies.

More Posts

I was recently discussing IT GRC program implementation with the CIO of a growing, mid-sized software company when he presented the question, “But HOW do you do it?  I mean, how do you get employees to follow the rules in a GRC program?”  The following is the second part to my response to his question…Read more

Tommy Thompson

Tommy Thompson is True's Director of Program Development Services, specializing in IT GRC and security program initiatives. Tommy has implemented successful IT GRC programs from start to finish, gaining valuable experience and lessons learned to develop a proven, proprietary True IT GRC Framework Methodology used to guide clients to IT GRC success. Tommy has presented at multiple IT conferences; served as a Director of the Product Enhancement Committee for a leading GRC Platform software solution; and has consulted multiple Fortune 100 and 500 companies.

More Posts

I was recently discussing IT GRC program implementation with the  CIO of a growing, mid-sized software company when he presented the question, “But HOW do you do it? I mean, how do you get employees to follow the rules in a GRC program?”  My response to his question…Read more

Tommy Thompson

Tommy Thompson is True's Director of Program Development Services, specializing in IT GRC and security program initiatives. Tommy has implemented successful IT GRC programs from start to finish, gaining valuable experience and lessons learned to develop a proven, proprietary True IT GRC Framework Methodology used to guide clients to IT GRC success. Tommy has presented at multiple IT conferences; served as a Director of the Product Enhancement Committee for a leading GRC Platform software solution; and has consulted multiple Fortune 100 and 500 companies.

More Posts