Greg Hutchins is the founder of 800Compete.com, WorkingIt.com, CERMAcademy.com, QualityPlusEngineering.com, and other startups. Greg Hutchins is the risk evangelist who coined the expression Future of Quality: Risk®.
Greg Hutchins PE CERM is also the principal professional engineer Quality + Engineering - international supply and quality management firm. He has written best selling books on global ISO standards and risk management. Greg is the author of ISO 9000 (best selling translated into 8 languages published through John Wiley), Value Added Auditing, ISO 31000: Enterprise Risk Management, ISO Risk Based Thinking, Risk Based Thinking, Supply Management Strategies (APICS, ISM, ASQ endorsed and used in certifications), and Standard Manual of Quality Auditing and more than a dozen article international books.
Q+E is the designer and developer of Certified Enterprise Risk Manager® (CERM), CERM Cyber™certificate, and best selling ISO and ERM books. Q+E has deep domain expertise in ISO 31000, ISO 27001, and NIST 800’s.
Q+E designed CERM based on its security IP including Critical Infrastructure Protection: Forensics, Assurance, Analytics®, Value Added Auditing™, Certified Enterprise Risk Manager®, Future of Quality: Risk®, CERM: Risk Based, Problem Solving | Risk Based, Decision Making®, etc. Q+E has been certified by the Department of Homeland Security for Critical Infrastructure Protection: Forensics, Assurance, Analytics®.
Q+E has conducted the following Critical Infrastructure Protection (CIP) risk assessments:
• Analytical. Q+E engineers and scientists conduct analytical analyses following Q+E protocols evaluating business continuity, cyber security, and physical security systems against IEEE, NFPA, ISA, PMI, ISO, NIST, COSO, NERC, DIACAP, FISMA, and ASIS standards.
• Assurance. Q+E offers the client three levels of assurance:
o Compliance. Q+E conducts a compliance audit against appropriate standards and guidance.
o Assurance with opinion. Q+E issues an opinion based on the results of a governance, risk, and compliance (GRC) audit or ERM controls assessment.
o Assurance with insurance coverage. Q+E conducts an audit and provides the requisite level of due diligence for the auditee to be covered.
• Forensics. Q+E provides the above levels of assurance as well as supplies a letter to the regulatory authority averring compliance that criteria have been met.