Archive | The GRC Pundit Blog

The One Regulation to Rule Them All: UK SMR/CR & Cascading Regulations

For those of you on this list that know me on a personal level, I am a huge Tolkien fan. In fact, I am just a Master’s thesis away from my M.A. in Church History and the thesis is on the influence of Medieval theology, particularly Aquinas, on J.R.R. Tolkien and his works (my particular […]

Continue Reading 0

Managing Risk & Compliance in the Extended Enterprise

Modern Organization: Interconnected Maze of Relationships No man is an island, entire of itself; Every man is a piece of the continent, a part of the main.[1] Replace the word ‘man’ with ‘organization’ and the seventeenth-century English poet John Donne is describing the post-modern twenty-first century organization. In other words, “No organization is an island […]

Continue Reading 0

Enabling the 1st Line of Defense with Policy, Training & Issue Reporting

Like battling the multi-headed Hydra in Greek mythology, redundant, manual, and uncoordinated governance, risk management, and compliance (GRC) approaches are ineffective. As the Hydra grows more heads of regulation, legal matters, operational risks, and complexity, scattered departments of GRC responsibilities that do not work together become overwhelmed and exhausted and start losing the battle. This […]

Continue Reading 0

Compliance, Particularly for Privacy, Requires Data Process Mapping & Disposition

Compliance used to be simpler. An organization was given a set of requirements and it had to check the boxes that it met the requirements and compliance was achieved. The complex nature of business today and the focus on information in the digital economy has driven compliance requirements to a new level of intricacy and […]

Continue Reading 0

Is SMR & CR, the UK Financial Services biggest challenge for 2018?

The UK Senior Manager’s Regime and Certification Regime (UK SMR/CR) is one of the most significant challenges financial services firms are facing right now. The Financial Conduct Authority (FCA) has recently announced that this regulation is going to be applied to all firms governed by the FCA: over 58,000 organizations. This is the governing regulation […]

Continue Reading 0

The IRM Emperor (Gartner) Has No Clothes

The Gartner Integrated Risk Management (IRM) Magic Quadrant has been out a few weeks and I have been buried with inquiries from organizations asking my thoughts on it. While I initially was going to post my thoughts in this article right away, I have spent the past few weeks doing a lot of reflection and […]

Continue Reading 0

Defining the Issue Reporting & Case Management Process

Distributed and dynamic business requires the organization to take a strategic approach to issue reporting and case management. Organizations require complete situational and holistic awareness of issues, incidents, investigations, and cases across business operations and processes. This is best approached through structured and accountable processes enabled through an integrated information and technology architecture for issue […]

Continue Reading 0

An Enterprise Approach to Issue Reporting & Case Management

GRC 20/20 has seen many organizations take an enterprise perspective on aspects of GRC, such as Enterprise Policy Management, Enterprise Third Party Management, and, of course, Enterprise Risk Management. Over the past 18 months, GRC 20/20 has seen a growing demand for Enterprise Case Management which involves issue reporting (e.g., hotlines, management reports, complaints) and case […]

Continue Reading 0

3 Key Findings from the Policy Management by Design Workshop

Policy management is a crucial component of a larger corporate governance, risk management, and compliance (GRC) program. Adherence to external regulations and instilling employee accountability starts with well-established organizational policies and procedures. In GRC 20/20’s recent workshop Policy Management by Design (Workiva hosted). Attendees from across industries came together to learn about policy management best […]

Continue Reading 0

2019 GRC User Experience Award Nominations

GRC 20/20 is accepting nominations for the 2019 GRC User Experience Awards! Governance, risk management and compliance (GRC) is a part of everyone’s job. Too often we shovel GRC into the bowels of the organization thinking it is the responsibility of the obscure and behind-the-scenes individuals in the back office of GRC in the organization. […]

Continue Reading 0

LinkedIn
Twitter
RSS
Follow by Email
Google+