Summer is over. Schedules change, kids are in school, fall is arriving.
As many of you noticed – I took a break from blogging this summer. However, this was not a break from GRC 20/20 work. I have been working hard at delivering value to clients facing risk and compliance issues as well as rebranding the GRC 20/20 image.
To kick-off a renewed spurt of blog thoughts I thought it best to focus on some summer 2008 reflections to inform you of what GRC 20/20 has been up to:
- Major food retailer social accountability advisory board. The most intriguing engagement which I started, and continues on an ongoing basis, is the my appointment to the Social Accountability Advisory Board of a major food retailer. My role on this board is monitor and research global risk and compliance trends and issues that impact this food retailer with a particular focus on the 5000+ relationships they have in their supply chain.
- Segregation of Duties and Access Management benchmark project. The largest project in GRC 20/20’s short history was started this summer in which we were engaged to do a benchmark assessment of global 100 firms and their practices and issues they face in managing SoD and AM. The risk and compliance issues are significant in managing who has access to critical systems and information when spread across thousands of business relationships in the extended enterprise and throughout the world. A major auto manufacturer engaged GRC 20/20 and a leading consulting firm to deliver on this in a joint effort.
- Compliance roadshow with EMC. In July and August GRC 20/20 was engaged to deliver on a four city roadshow to discuss the range of technologies needed to effectively manage enterprise risk and compliance with a focus on sustainability.
- Compliance Week 2008. I attended the Compliance Week 2008 conference in Washington DC in June – this is simply the best and most informative compliance conference out there. I was really impressed with the level of speakers. The format was also exceptional as each presentation was followed by a roundtable ‘Conversation’ to discuss the material presented. Vendor involvement was also tightly controlled. Very impressive.
- OCEG Red Book 2.0. It has been exciting to continue to work with the Open Compliance and Ethics Group to contribute and deliver on the Red Book 2.0 which provides the leading GRC framework guidance. It has now been released for public review.
- GRC 20/20 branding. As you can see by the website – I have given our branding a complete overhaul. I am now delivering more content and services and aim to grow GRC 20/20 further over the next few years. I changed the colors as well as the logo. Green communicates responsibility and sustainability. The steel blue communicates strength – like iron. The I is encompassed within the C of the logo to communicate that Integrity is something that comes from within.
- General growth of business. I have been honored to see our client list grow into the dozens. Many of these are special projects or engagements, however list of clients who has GRC 20/20 on an ongoing retainer now numbers over 10!
The work does not stop there – but as you can see, it has been a very busy summer.
Fall 2008 is bringing many new exciting things to GRC 20/20 as well. We are about to publish our next piece of research on Enterprise Investigations Management. Blogging will pick up again. We are starting our educational workshop series – starting with GRC Fundamentals for Technology Providers and Consultants. And more . . .
As always, I would love to hear your feedback, thoughts, and perspectives – particularly on how GRC 20/20 can serve you and become an even more outstanding business!