The physicist Fritjof Capra stated: “The more we study the major problems of our time, the more we come to realize that they cannot be understood in isolation. They are systemic… Continue reading Rasmussen’s Strategic Pillars of GRC: Agility, Resiliency, Integrity

Too often GRC – governance, risk management, compliance – is approached backwards. Using the acronym, one would think it is CRG, or even Cr (lower case intentional). Too many organizations… Continue reading GRC Done Right Starts With the Business: Objectives, Performance, Processes

Compliance and ethics do not happen in the back office but at all levels of the organization. From the top down to the front-line employees. Compliance and ethics done right… Continue reading The Exposure of Compliance at the Frontlines of the Organization

Keeping up with regulatory content can be a challenge. The constant changes in today’s regulatory environments translate to a growing burden on organizations in terms of the number of regulations… Continue reading COGNITIVE GRC: Enabling Regulatory Change Management

Organizations need to be agile, not just resilient. Agility is the ability to see what is coming at the organization and allow the organization to adjust and navigate to use… Continue reading Cognitive GRC (GRC 5.0): Enabling Enterprise Risk Agility & Resilience

I have been advising organizations on strategy, process, and technology related to ESG for over fifteen years. Of course, it has not been called ESG for that long. It was… Continue reading ESG: The Foundation is Built on Policies

The mature risk and resilience program can be measured against critical elements across governance and oversight, people and engagement, process and execution, and information and technology. Risk & Resilience Governance… Continue reading Checklist to Measure & Improve Risk & Resilience Maturity

Getting to the Head of the Risk & Resiliency Class Organizations with risk and resilience processes siloed within departments operate at the Ad Hoc, Fragmented, or Defined stage. At these… Continue reading Advancing Your Organization’s Risk and Resilience Maturity

Mature risk and resilience management is a seamless part of risk governance and operations. It requires a top-down view of risk and resilience, led by the executives and the board,… Continue reading Five Stages of Risk and Resilience Maturity

Firewalls protect us. In buildings, it is a wall intended to shield and confine a fire to an area to protect the rest of the building. In a vehicle, it… Continue reading The Human Firewall: Essential to Organizations

I have been on the road regularly for the past six weeks with a heavy travel schedule through mid-July that brings me across the USA and Europe. Lots of interactions… Continue reading Agile & Cognitive GRC: a New Generation in GRC Solutions

A dynamic business environment requires the capability to actively manage risk intelligence and fluctuating risks impacting the organization and its relationships. The old paradigm of uncoordinated third-party risk management is… Continue reading Delivering 360° Third-Party Risk Situational Awareness