Industry News · MEDIUM

Gemara Model Revolutionizes Governance, Risk, and Compliance

OpenSSF Blog · Today, 8:21 PM
Tags: Gemara Model, GRC, compliance, policy-as-code, CNCF

Basically, the Gemara Model helps organizations manage security and compliance more effectively.

Quick Summary

The Gemara Model has been introduced to improve Governance, Risk, and Compliance practices. Organizations will benefit from a unified approach to security and compliance. This model aims to standardize processes, making compliance easier and more effective. Learn how this could impact your organization’s security measures.

What Happened

In a world where software development is evolving rapidly, traditional Governance, Risk, and Compliance (GRC) methods are struggling to keep pace. Compliance activities often exist as a separate administrative layer, making it hard for organizations to demonstrate their security measures after the fact. Recognizing this gap, the industry has turned to GRC Engineering and concepts like policy-as-code to enhance compliance efforts.

However, there are significant alignment issues across tools, teams, and organizations. The industry suffers from a lack of standardization in philosophies, language, and data schemas. To address this, a new model called the Gemara Model has been introduced, aiming for global standardization and philosophical alignment in GRC practices.

Why Should You Care

You might wonder why this matters to you. If you work in any organization, understanding how GRC functions can directly impact your job, especially if you handle sensitive information or compliance tasks. Think of it like building a house; without a solid foundation and a common blueprint, the structure may collapse. The Gemara Model provides that blueprint, making it easier for organizations to ensure they meet security standards and regulations.

The key takeaway is that this model aims to unify GRC practices, making it simpler for organizations to manage risk and compliance effectively. This could lead to better security for your data and a smoother experience for you as a user or employee.

What's Being Done

The Gemara Model is already making waves in the industry. It builds upon existing frameworks like the CNCF’s Automated Governance Maturity Model and incorporates insights from NIST’s OSCAL and other projects. Here’s what you can do if you’re part of an organization affected by these changes:

  • Familiarize yourself with the Gemara Model and its seven-layer architecture.
  • Assess your current GRC practices and identify areas for improvement.
  • Engage with your team to discuss how you can implement this model effectively.

Experts are closely monitoring how organizations adopt this model and its impact on compliance efficiency. The hope is that with standardized practices, organizations can significantly enhance their security posture and compliance efforts.


🔒 Pro insight: The Gemara Model's layered architecture could streamline compliance processes, fostering interoperability across disparate GRC tools and frameworks.

Original article from OpenSSF Blog · OpenSSF
