Archive | Other Publications

Download

CECO at the Center

Engaged by OCEG to write this white paper, Michael Rasmussen provides perspectives on the role of compliance and ethics in a GRC strategy: In this installment of the Critical Conversations whitepaper series, OCEG describes the conversations a chief ethics and compliance officer (CECO) must have with other enterprise executives to successfully participate in the development […]

Continue Reading 0
Download

CLO at the Center

Engaged by OCEG to write this white paper, Michael Rasmussen provides perspectives on the role of legal in a GRC strategy: In this installment of the Critical Conversations whitepaper series, OCEG describes the conversations that the Chief Legal Officer (CLO) must have with other enterprise executives to successfully participate in the development and implementation of […]

Continue Reading 0
Download Button - Green

Effective Policy Management Illustrated eBook

This is the compilation of the OCEG GRC Policy Illustrated Series on EffectivePolicy Management, and GRC 20/20’s Effective Policy Management Lifecycle. First we discuss why policies matter and deliver an overview of the  Effective Policy Management Lifecycle. Each illustration after that looks at the stages of the lifecycle: Tracking Change That Impacts Policy Policy Development and Approval Policy Communication and […]

Continue Reading 0
Download Button - Green

6 – Policy Management Illustrated: Policy Measurement & Evaluation

Eective policy management requires that organizations periodically (minimum annually) review policies to ensure they remain relevant and aligned with corporate objectives. A complete history of revisions, collaborations, communications, training and acceptance, exceptions, and enforcement actions should be carefully preserved. This, along with a program to proactively identify and respond to business changes that impact the policy environment will […]

Continue Reading 0
Download Button - Green

5 – Policy Management Illustrated: Implement & Enforce Policies

I find that ineffective and unenforced policies are rampant within organizations, and are a thorn in the side of compliance and policy managers. Mismanagement of policy has grown exponentially with the proliferation of documents, collaboration software, file shares, and Websites. Organizations end up with policies scattered on dozens of sites with no defined understanding of what policies exist and how they are enforced. An ad hoc […]

Continue Reading 0
Download Button - Green

4 – Policy Management Illustrated: Communicate & Train

So you wrote a policy—now what? Policies are only effective if you can show that they have been communicated and understood. Having a written policy that nobody knows about is just like having no policy at all. You cannot hold people accountable to a policy until you have made them aware of the policy. Unfortunately, many organizations have scattered approaches to publish and communicate policies. I […]

Continue Reading 0
Download Button - Green

3 – Policy Management Illustrated: Policy Development & Approval

In my experience, policy management processes are in disarray when operating autonomously, introducing risk in today’s complex, dynamic, and distributed business environment. The typical organization lacks a structured means of policy development and governance with an inconsistent maze of templates and processes. Inconsistency in policy management means processes, partners, employees, and systems that behave like leaves blowing in the wind. Organizations struggle with policies that are out-of-date, ineffective, […]

Continue Reading 0
Download Button - Green

2 – Policy Management Illustrated: Tracking Change that Impacts Policy

In the time it takes you to read this article your business has changed. The economic environment has changed, your employees have changed, and there are constant changes to technology, competition, and processes. Business drifts in a sea of change. One particular area of change that bears down on the organization is the siege of changing laws, regulations, and enforcement actions. When regulatory change management […]

Continue Reading 0

Policy Management Illustrated #1: Effective Policy Management

From time to time, to my surprise, I still hear people asking why policies matter. After all, they argue, aren’t the laws and regulations we have to follow enough guidance? Beyond those requirements, can’t we let managers decide how to run their own operations and have case-by-case flexibility? Don’t policies create liability when they aren’t followed? Isn’t it just more unnecessary bureaucracy? My answer, […]

Continue Reading 0