Notes on doing GRC deliberately.

Essays and short notes on strategy, risk, smart compliance, and the AI questions security teams actually have to answer.