Fans of the story, Alice in Wonderland, will remember how the Cheshire Cat answered Alice when she asked him which way to go. He answered, “If you don’t know where you… Continue reading Vendor Performance & SLA Management: A Quick Guide

Dissociated data, systems, processes, and a myopic risk vision leaves the organization with fragments of the truth that fail to see the big picture of third-party performance, risk, and compliance… Continue reading Defining Third-Party GRC Management

The Modern Organization is an Interconnected Web of Relationships No man is an island, entire of itself;Every man is a piece of the continent, a part of the main. John… Continue reading The Extended Enterprise Demands Attention

Below is Michael Rasmussen’s article found in the Summer 2021 issue of Enterprise Risk, published by the Institute of Risk Management (The IRM). Before last year, risk managers knew they were living in… Continue reading Relationship Trouble: The Pandemic’s Web of Interconnected Risks

In my previous post, The Board’s Role in Leading and Enabling GRC, I emphasized the board’s critical role in delivering on the G in GRC, governance. This post discusses how to… Continue reading Integrating a Top-Down Board View of GRC With a Bottom-Up Operational View of GRC

COVID-19 is not the only pandemic; it has sprung a chain of pandemics and increased risk exposure in areas. One such pandemic plaguing organizations in response to COVID-19 is the… Continue reading The Second Wave of the Policy Management Pandemic

In my first post, A Quick Guide to ESG and Risk Management in the Extended Enterprise, I outlined what ESG (environmental, social and governance) is and how it impacts third-party risk… Continue reading Modern Slavery Risk Assessments in the Extended Enterprise: A Quick Guide

Gone are the years of simplicity in business operations. Exponential growth and changes in risks, regulations, globalization, distributed operations, competitive velocity, technology, and business data encumber organizations of all sizes.… Continue reading The Board’s Role in Leading and Enabling GRC

There is a new CIO in town . . . the Chief Ethics and Compliance Officer (CECO). This is not to replace the Chief Information Officer, but the CECO is… Continue reading There is a new CIO in town . . . the Chief Ethics and Compliance Officer (CECO)

In my previous post, A Quick Guide to ESG and Risk Management in the Extended Enterprise, I outlined what environmental, social and governance (ESG) is and how it impacts third-party risk… Continue reading A Quick Guide to Anti-Bribery & Corruption (ABAC) Risk in the Extended Enterprise

The extended enterprise defines business today. An organization is not defined by brick and mortar walls and traditional employees. The organization is a web of third-party relationships of suppliers, vendors,… Continue reading ESG is about to ROCK the Third-Party Risk World

Having an opinion of where corporate compliance and ethics should report outside of legal is like the opening sequence to Indiana Jones: Raiders of the Lost Ark. Indiana carefully makes his… Continue reading Where Should Compliance & Ethics Report?