Author Archive | The GRC Pundit

Understanding & Improving Governance, Risk Management & Compliance

Governance, risk management & compliance (GRC) is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” (source: OCEG GRC Capability Model that GRC 20/20 has helped define and […]

Continue Reading 0

Managing Risk & Compliance in the Extended Enterprise

Modern Organization: Interconnected Maze of Relationships No man is an island, entire of itself; Every man is a piece of the continent, a part of the main.[1] Replace the word ‘man’ with ‘organization’ and the seventeenth-century English poet John Donne is describing the post-modern twenty-first century organization. In other words, “No organization is an island […]

Continue Reading 0

Enabling the 1st Line of Defense with Policy, Training & Issue Reporting

Like battling the multi-headed Hydra in Greek mythology, redundant, manual, and uncoordinated governance, risk management, and compliance (GRC) approaches are ineffective. As the Hydra grows more heads of regulation, legal matters, operational risks, and complexity, scattered departments of GRC responsibilities that do not work together become overwhelmed and exhausted and start losing the battle. This […]

Continue Reading 0

Is SMR & CR, the UK Financial Services biggest challenge for 2018?

The UK Senior Manager’s Regime and Certification Regime (UK SMR/CR) is one of the most significant challenges financial services firms are facing right now. The Financial Conduct Authority (FCA) has recently announced that this regulation is going to be applied to all firms governed by the FCA: over 58,000 organizations. This is the governing regulation […]

Continue Reading 0

Defining the Issue Reporting & Case Management Process

Distributed and dynamic business requires the organization to take a strategic approach to issue reporting and case management. Organizations require complete situational and holistic awareness of issues, incidents, investigations, and cases across business operations and processes. This is best approached through structured and accountable processes enabled through an integrated information and technology architecture for issue […]

Continue Reading 0

An Enterprise Approach to Issue Reporting & Case Management

GRC 20/20 has seen many organizations take an enterprise perspective on aspects of GRC, such as Enterprise Policy Management, Enterprise Third Party Management, and, of course, Enterprise Risk Management. Over the past 18 months, GRC 20/20 has seen a growing demand for Enterprise Case Management which involves issue reporting (e.g., hotlines, management reports, complaints) and case […]

Continue Reading 0

3 Key Findings from the Policy Management by Design Workshop

Policy management is a crucial component of a larger corporate governance, risk management, and compliance (GRC) program. Adherence to external regulations and instilling employee accountability starts with well-established organizational policies and procedures. In GRC 20/20’s recent workshop Policy Management by Design (Workiva hosted). Attendees from across industries came together to learn about policy management best […]

Continue Reading 0

LinkedIn
Twitter
RSS
Follow by Email
Google+