Skip to content

Cyber / GRC

This section captures cybersecurity, governance, risk, compliance, and security authorization notes.

The goal is to keep practical reference material organized in a way that supports both learning and professional use.

Focus Areas

Area Focus
NIST SP 800-53 Control families, control intent, and implementation notes
RMF / ATO Authorization workflow, evidence, findings, and risk decisions
CMMC Small business cybersecurity requirements and assessment readiness
GRC Workflow Evidence organization, control mapping, risk tracking, and reporting
Security Operations Monitoring, incident response, exposure review, and alerting

How This Supports the Portfolio

These notes connect hands-on technical projects to compliance and risk management. They show the ability to understand both the technical side and the governance side of cybersecurity.