Archive | The GRC Pundit Blog

Thoughts from Compliance Week '09 Day 1

Compliance Week remains the highlight of GRC events throughout the year. As one Tweet states at the beginning of the conference: “dougcornelius: Starting the ‘Davos’ of compliance.” Sure, there are many events I enjoy for networking and catching up with others. However, Compliance Week is one of the few events I attend that actually stretches me […]


Thoughts from the OCEG Leadership Council

A Proverb states: “Where there is no guidance, a people falls, but in an abundance of counselors there is safety.” Much of the GRC world – with its various professional stovepipes – has struggled for guidance and direction on how to effectively integrate and define common processes for Governance, Risk, & Compliance. Sure, we have a […]


'Lean' GRC – Good Concept, Poor Choice of Word

A recent discussion on the Corporate Integrity LinkedIn Group was started by Norman Marks when he stated: “How would you go about applying Lean principles to making sure your GRC processes, organization, and systems are not only effective but efficient?” Personally, I do not like the word ‘lean’ as an adjective for GRC. Yes, […]


Developing a GRC Strategic Plan

Governance, Risk, and Compliance can be confusing to understand in their individual capacities – bring them together as GRC and it can be even more confounding. GRC is more than a catchy acronym used by technology providers and consultants to market their solutions – it is a philosophy of business. This philosophy permeates the organization: […]


Streamlining Compliance

Organizational exposure to compliance risk is rising while the cost of compliance soars. Additionally, the ad hoc, reactive approach to compliance brings complexity, forcing business to be less agile. Organizations typically address compliance as singular issues and obligations; as a result they have multiple initiatives working in isolation to respond to each regulatory requirement. These […]


Response to Lumigent's "GRC Starts With C"

John Capobianco, CEO of Lumigent, recently published “GRC Starts with ‘C’” commentary. While there is much to be admired about Lumigent’s messaging and awareness campaign of application GRC – I found this particular post to be misguided. The thrust of the message, as I understand it, is to reduce cost by tackling the C […]


Multi-Perspective Risk Analysis

Unfortunately, organizations get locked into a static view of risk analysis and management. They are overly focused on heat maps generated from fairly static risk assessment processes. The era of SOX and control self-assessments has propagated this further. Organizations have often ended up with an enterprise risk management program that is nothing more than SOX and […]


Risk & Regulatory Intelligence (or should it be Wisdom)?

Intelligence and wisdom . . . we have seen these words bandied about quite a bit. While the market seems to be eager to grasp onto the phrase ‘risk intelligence’ it means nothing if corporations do not know what to do with the knowledge that intelligence brings them. There are ignorant individuals and organizations that […]


Thoughts from the Archer National Summit

As a risk and compliance (GRC) pundit one gets invited to a lot of conferences. Some, like Compliance Week, are particularly interesting as the format, content, and high-level audience remains engaging year after year. Typically, technology vendor conferences are dull and mundane – Archer’s National Summit held last week in Orlando, Florida is a surprising […]


Ultimate Legal Management Platform

Legal – the last (OK, perhaps I should state latest) technology frontier – to boldly go where no one has embraced technology before. So it would appear to an observer of the average corporate legal department. Corporate attorneys have been technology agnostics not willing to give up their legal pads and pens in exchange for […]
