The Hitchhiker’s Guide to the GRC Technology Galaxy


Welcome, interstellar travelers, to the Hitchhiker’s Guide to the GRC Technology Galaxy, your improbable companion through the expanding universe of governance, risk, and compliance. In a cosmos where regulations multiply faster than Tribbles, cyber incidents drop like falling whales, and third parties sprout surprises with Vogon-level timing, this podcast is your towel, your Babel Fish, and your improbability drive rolled into one. Each episode, Michael Rasmussen and guests explore the constellation of GRC technology, from digital twins and AI copilots to compliance nebulae and audit wormholes. We chart the domains, decode the jargon, and help you survive vendor poetry that promises everything and delivers nothing. Whether you’re a compliance officer, risk manager, or just someone trying to make sense of improbable business realities, this guide offers clarity, humor, and a reminder of the most important rule of all, don’t panic. End of transmission. Prepare for the next hyperspace jump.

  1. FEB 5

    The Deterministic Guide to GRC: Optimas.ai in the GRC Galaxy

    In this episode, field researcher and galactic GRC hitchhiker for the Guide, Michael Rasmussen, talks with Aadesh Gawde, Founder and CEO of Optimas.ai, about a different way of thinking about GRC—not as workflows to manage, but as systems to engineer. The conversation begins with Aadesh’s analogy of Optimas as a Jarvis-like concierge for cybersecurity and resilience, a way of describing how the platform supports executive decision-making by continuously working in the background. From there, he explains why Optimas positions itself as both a GRC engineering platform and a GRC data platform, and why that distinction matters in a landscape crowded with tools built primarily to automate tasks and workflows. They discuss Optimas’ deterministic approach to understanding exposure, how that differs from probabilistic risk models, and why Optimas doesn’t see itself as a replacement for traditional GRC platforms. Instead, it’s designed to sit alongside them, answering a different class of questions about exposure, readiness, and confidence as conditions change. Along the way, they unpack what makes Optimas distinct, the kinds of use cases it’s solving today, and how Aadesh sees the platform evolving over the next few years. It’s a conversation very much in the spirit of the Guide itself, curious and quietly confident that some of the hardest problems become easier once you stop panicking and start thinking like an engineer.

    27 min
  2. JAN 29

    Beyond the Continuity Asteroid Belt: Fusion in the GRC Galaxy

    In this episode of The Hitchhiker’s Guide to the GRC Technology Galaxy, Michael Rasmussen sits down with Michael Campbell, Chief Executive Officer of Fusion Risk Management, to make sense of a GRC universe that has expanded to well over a thousand solutions (many trying to be everything, and a few choosing to be very precise). Michael shares his journey to Fusion and how decades of leading technology companies through growth and transformation shaped his view of risk, scale, and operational reality. From there, the conversation widens to the modern GRC landscape: why it has become so fragmented, why focus matters, and why Fusion has deliberately centered its strategy on resilience rather than generic compliance or catch-all risk tooling. They unpack what resilience really means today, far beyond business continuity plans and disaster recovery binders, spanning operational, cyber, organizational, and decision resilience. They also explore where risk and resilience overlap, where they diverge, and why confusing the two often leaves organizations exposed at the worst possible moment. Michael and Michael discuss what truly sets Fusion apart, how customers are pushing the platform in increasingly sophisticated ways, and what’s coming next as resilience becomes a board-level priority rather than a back-office function. In a galaxy crowded with tools, frameworks, and noise, this episode offers a simple piece of guidance straight from the Guide itself: Don’t Panic.

    26 min
  3. JAN 15

    Thrive on Risk: MetricStream in the GRC Galaxy

    In this episode of The Hitchhiker’s Guide to the GRC Technology Galaxy, Michael Rasmussen sits down with MetricStream to trace a long and improbable journey that began in the age of SOX spreadsheets and has evolved into something far more ambitious. They reflect on MetricStream’s early role in shaping enterprise GRC, how the platform grew alongside regulatory pressure, and why today’s MetricStream is fundamentally not the MetricStream of yesterday. The conversation explores what it really means to make GRC professionals’ jobs “easier”—not just saving time or money, but improving effectiveness, reducing exposure, increasing resilience, and enabling organizations to move faster and smarter in the face of uncertainty. Michael and the MetricStream team also unpack the company’s evolving identity, including the enduring relevance of “Thrive on Risk” and the newer focus on “GRC Simplified, Outcomes Amplified.” They discuss how simplification doesn’t mean dumbing things down, but rather removing friction, reducing duplication, and amplifying the outcomes that matter most to executives and boards. Finally, the episode looks ahead to where MetricStream sees itself in the coming years, how integrated GRC must continue to evolve, what legacy mindsets need to be left behind, and how organizations can shift from surviving risk to actually thriving because of it. In a galaxy crowded with frameworks, controls, and compliance noise, the Guide offers a reassuring reminder: don’t panic, evolve.

    22 min
  4. JAN 8

    The Hitchhiker’s Guide to Risk: Protecht in the GRC Galaxy

    In this episode of The Hitchhiker’s Guide to the GRC Technology Galaxy, Michael Rasmussen is joined by Gary Lynam, Managing Director for EMEA at Protecht, to trace the unlikely but influential journey of one of the GRC universe’s quiet constants. The conversation begins in Australia, a place with an outsized impact on modern risk thinking, exploring how the AS/NZS 4360 Standard laid the groundwork for what would later become ISO 31000, and how that legacy continues to shape Protecht’s philosophy today. From those roots, they unpack Protecht’s evolution from a strong mid-market specialist into a global platform increasingly serving large, complex enterprises. Gary and Michael dig into the difference between real risk management and checkbox compliance theater, discussing where organizations go wrong, what good risk management actually looks like in practice, and where Protecht fits across domains such as enterprise risk, operational risk, resilience, controls, and regulatory obligations. They also explore Protecht’s Marketplace model and how it differentiates the platform by allowing organizations to grow risk capability without forcing a one-size-fits-all approach. The discussion then turns to Protecht’s AI journey, including Cognita, and how the company is approaching AI deliberately as a decision-support capability grounded in risk expertise, not hype. Finally, Gary shares what to expect over the next one to two years, from platform evolution to market direction, and where Protecht sees itself heading as risk management continues to mature globally. In a galaxy crowded with frameworks, dashboards, and compliance noise, this episode offers a reassuring message straight from the Guide itself: Don’t panic.

    25 min

Ratings & Reviews

5 out of 5 (3 Ratings)
