GRC 20/20’s 2021 Research Year in Review
2021 was a year of resiliency as we ride the waves of the pandemic with a focus on ingrity as the world turns to a focus on ESG within organizations. 2022 will continue these themes of resiliency and integrity but will bring in agility. How can organizations not only be resilient but also agile while maintaining integrity amidst change and uncertainty (risk).
While it has been a roller coaster that moves on into 2022 now, it certainly had a lot of impact on governance, risk management, and compliance (GRC) strategies, processes, and technology. Organizations are seeking to increase organizational integrity that they live up to their ethics, values, commitments, and obligations in the midst of uncertainty. They are also looking to increase business and operational resiliency and agility.
Below is a summary of the research blogs and papers that GRC 20/20 has published throughout 2021 organized by topic area.
The top research areas of interest by organizations (by volume of inquiries and GRC 20/20 publication) are:
- Corporate Compliance & Ethics
- Third Party GRC/Risk Management
- Policy & Training Management
- Risk & Resiliency Management
- ESG Management
- Enterprise GRC (which also includes all the elements above)
As always, you can ask GRC 20/20 Research questions in the context of governance, risk management, and compliance strategies and processes, as well as solutions available in the market we cover in our objective market research through the inquiry process. Every week GRC 20/20 is answering between 15 and 20 inquiries from organizations looking for advice on solutions and services to engage as they navigate the hundreds of solutions av ailable in the GRC market . . .
Enterprise GRC and the Broad GRC Market
Research Reports
- Alyne: An Integrated 360° View of Risk, Resiliency & Integrity
- 2021 Trends: Governance, Risk Management & Compliance (GRC)
- 2021: An Integrated Focus on Business Integrity & Resiliency
Blogs
- ES-G-RC – The Role of GRC in Delivering ESG
- Integrating a Top-Down Board View of GRC With a Bottom-Up Operational View of GRC
- The Board’s Role in Leading and Enabling GRC
- Delivering ESG in GRC
- The Agile (Not Just Resilient) Organization
- GRC 2021: ESG, Risk Management, Compliance . . . Driving GRC Maturity
- GRC 20/20’s 2020 Research Year in Review
- Why Spreadsheets, Documents & Emails Fail for GRC
Corporate Compliance & Ethics Management
Research Reports
Blogs
- Delivering Agile Compliance
- GRC 20/20’s Regulatory Change Management Maturity Model
- Regulatory Change RFP/Solution Capabilities
- GRC Architecture to Manage Regulatory Change
- Defining a Regulatory Change Management Strategy & Process
- Broken Process and Insufficient Resources to Manage Regulatory Change
- A Tsunami of Regulatory Change Overwhelms Organizations
- There is a new CIO in town . . . the Chief Ethics and Compliance Officer (CECO)
- Where Should Compliance & Ethics Report?
- Is Your Organization Lawful Good or Chaotic Evil?
- A CECO SWOT Analysis for 2021: Understanding Your Threats
- A CECO SWOT Analysis for 2021: Finding Your Opportunities
- A CECO SWOT Analysis for 2021: Identifying Your Weaknesses
- A CECO SWOT Analysis for 2021: Knowing Your Strengths
- Lessons Learned in Compliance Management in 2020
ESG – Environmental, Social, Governance
Research Reports
Blogs
- ESG – It’s Time to Up Your Game
- The Foundation of ESG is in Policy Management
- ES-G-RC – The Role of GRC in Delivering ESG
- ESG is about to ROCK the Third-Party Risk World
- A Quick Guide to ESG and Risk Management in the Extended Enterprise
- Is Your Organization Lawful Good or Chaotic Evil?
- Delivering ESG in GRC
Risk & Resiliency Management
Research Reports
- Alyne: An Integrated 360° View of Risk, Resiliency & Integrity
- Refinitiv Connected Risk: Operational Resilience
- Acuity Risk Management STREAM
Blogs
- Hybrid Working: What About the Risk?
- Risk Management Lessons from Denmark
- Are You Headed to a Risk Management Clusterf***?
- Putting $$$ to It: Can You Quantify Your Risk?
- Doctor Strange: Chief Risk Officer in the Multiverse of Uncertainty
- James Bond 007 and Risk Situational Awareness
- Integrating a Top-Down Board View of GRC With a Bottom-Up Operational View of GRC
- The Agile (Not Just Resilient) Organization
- What is Business and Operational Resiliency?
- The Resilient Organization: From Business Resilience down into Operational Resilience
Policy Management
Research Reports
Blogs
- Foundation of a Policy Management Strategy
- 360° Visibility into Policies and Policy Management
- Have You Done your Policy Enforcement Push-ups?
- Policy Management Maturity: Journey to an Agile Policy Management Program
- The Foundation of ESG is in Policy Management
- Managing & Communicating Policies in the “NEW NORMAL”
- Shadow Policies: Increasing Legal Exposure & Liability
- Becoming a Policy Management Pro with a New Online Resource
- The Second Wave of the Policy Management Pandemic
- Improving Your Organizations Policy Management Capability
- The Principles of Effective Policy Management
- Why Policies Matter
- The Policy Management Capability Model
Third-Party (e.g, Vendor/Supplier) GRC Management
Research Reports
- Prevalent: Managing ESG Risks Across the Extended Enterprise
- Relationship Trouble – Enterprise Risk Magazine 2021-06-10
- Third-Party GRC Management by Design
- 2021 Trends: Third-Party GRC Management
Blogs
- Information & Technology Enables Third-Party GRC
- Understanding the Third-Party GRC Process Lifecycle
- Critical Elements of a Third-Party GRC Strategic Plan
- Vendor Performance & SLA Management: A Quick Guide
- Defining Third-Party GRC Management
- The Extended Enterprise Demands Attention
- Relationship Trouble: The Pandemic’s Web of Interconnected Risks
- Modern Slavery Risk Assessments in the Extended Enterprise: A Quick Guide
- A Quick Guide to Anti-Bribery & Corruption (ABAC) Risk in the Extended Enterprise
- ESG is about to ROCK the Third-Party Risk World
- A Quick Guide to ESG and Risk Management in the Extended Enterprise
- 2021 Trends in Third-Party Governance, Risk Management & Compliance (GRC)
- Third-Party GRC: Looking Back on 2020, What Was Learned ?
Legal GRC Management
Research Reports
Blogs
- Legal GRC in Contrast to Legal’s Role in Enterprise GRC
- Architecting a New Paradigm in Legal Governance
- The Role of Legal & Legal Processes is Changing
Privacy Management
Research Reports
Internal & Automated Control Management
Research Reports
Blogs
- ControlPanelGRC: Providing 360° Contextual Awareness of Access Risk & Controls
- Carlisle Construction Materials: Agility Achieved in Access Control & Segregation of Duties
- Continuous Control Monitoring with SAP Process Control