Alla is an analyst at Forrester serving security and risk professionals. She covers governance, risk, and compliance (GRC) strategy, best practices, and technology, with a special focus on third-party risk management, procurement and supplier risk management, and enterprise and cybersecurity risk management frameworks such as ISO 31000, ISO 27000, and NIST Cybersecurity Framework (CSF). She also assists with coverage of key regulatory compliance issues and technology; risk management, ethics, and trust in digital transformation; and achieving operational resilience. In this role, she helps Forrester clients establish and mature a comprehensive GRC program that maximizes business opportunity and performance while minimizing risk and protecting the organization’s brand.