Keeping up with regulatory content can be a challenge. The constant changes in today’s regulatory environments translate to a growing burden on organizations in terms of the number of regulations… Continue reading COGNITIVE GRC: Enabling Regulatory Change Management

Organizations need to be agile, not just resilient. Agility is the ability to see what is coming at the organization and allow the organization to adjust and navigate to use… Continue reading Cognitive GRC (GRC 5.0): Enabling Enterprise Risk Agility & Resilience

I have been advising organizations on strategy, process, and technology related to ESG for over fifteen years. Of course, it has not been called ESG for that long. It was… Continue reading ESG: The Foundation is Built on Policies

The mature risk and resilience program can be measured against critical elements across governance and oversight, people and engagement, process and execution, and information and technology. Risk & Resilience Governance… Continue reading Checklist to Measure & Improve Risk & Resilience Maturity

Getting to the Head of the Risk & Resiliency Class Organizations with risk and resilience processes siloed within departments operate at the Ad Hoc, Fragmented, or Defined stage. At these… Continue reading Advancing Your Organization’s Risk and Resilience Maturity

Mature risk and resilience management is a seamless part of risk governance and operations. It requires a top-down view of risk and resilience, led by the executives and the board,… Continue reading Five Stages of Risk and Resilience Maturity

Firewalls protect us. In buildings, it is a wall intended to shield and confine a fire to an area to protect the rest of the building. In a vehicle, it… Continue reading The Human Firewall: Essential to Organizations

I have been on the road regularly for the past six weeks with a heavy travel schedule through mid-July that brings me across the USA and Europe. Lots of interactions… Continue reading Agile & Cognitive GRC: a New Generation in GRC Solutions

A dynamic business environment requires the capability to actively manage risk intelligence and fluctuating risks impacting the organization and its relationships. The old paradigm of uncoordinated third-party risk management is… Continue reading Delivering 360° Third-Party Risk Situational Awareness

Take advantage of GRC’s structured guidance to deliver on ESG strategy and processes. ESG – Environmental, Social, and Governance – is pressuring organizations from every angle. Investors are making investment… Continue reading How to Operationalize ESG with GRC

The Federal Risk and Authorization Management Program (FedRAMP) has been in place for just over a decade (2011). Its purpose is to provide a “cost-effective, risk-based approach for the adoption… Continue reading Improving FedRAMP: Federal Procurement & Risk Management