How does your cyber compliance team stay informed about new and changing regulations impacting your organization's compliance? Additionally, how are cyber compliance teams tracking, measuring and reporting on internal compliance?

Based on my experience in legal and IT, staying on top of changing regulations works best with a combination of smart tools and practical processes. AI can track updates in real time and highlight what matters, while centralized frameworks make guidance easy to access. Internal compliance is monitored through dashboards, automated reports, and regular audits, helping teams measure performance and address issues before they escalate.

These are two different questions with maybe different actions. To stay informed about local laws in all our countries where we are located, I am relying on a legal tool called Lexology Pro and my private CISO network in Europe. The other part is a solution for GRC this also depends on your requirements and regulation you must fulfil.