Is This the Norm?

An experienced professional in GRC (Governance, Risk, and Compliance) expresses concerns about their new company, which, despite using cutting-edge technologies, lacks fundamental basics in IT security and compliance. Identified risks are ignored by the technical and GRC teams, and the work environment is characterized by a lack of collaboration and an excessive focus on appearances rather than problem-solving. The professional feels misled about the company's culture and is considering not staying long-term.