Brian Tremblay, Onapsis Compliance Practice Leader, joins Security & Compliance Weekly to talk about how misconfigurations and vulnerabilities in your mission-critical applications can lead to compliance problems and the need for organizations to adopt a process of continuous compliance. As a former auditor, Brian understands the best practices leaders can use to identify, monitor and mitigate compliance risks. Watch the full podcast episode below with Security Weekly to learn more.

About the Author
Brian Tremblay leads Onapsis’s Compliance Practice, drawing on over 20 years of experience in internal audit and risk management. As a former Chief Audit Executive, he brings hands-on expertise in preparing organizations for public offerings and implementing critical frameworks like SOX and GDPR. Brian’s deep knowledge of IT General Controls and regulatory compliance enables him to guide customers on mitigating risks related to their business-critical applications. His background at global companies like Raytheon and Deloitte establishes him as a trusted authority on audit-ready SAP systems and bridging the gap between security and compliance.
