Upcoming Events . . .

Latest Pontifications & Thoughts . . .

  • People and Policy: Building Compliance and Ethics into Your Company’s DNA

    People and Policy: Building Compliance and Ethics into Your Company’s DNA

    It’s not enough to have the right policies in place — you have to embed those policies into the fabric of your organization. In today’s fast-paced and interconnected business world, ensuring… Continue reading People and Policy: Building Compliance and Ethics into Your Company’s DNA

  • Germany’s IDW PS 340 Auditing Standard: Understanding Risk Correlation

    Germany’s IDW PS 340 Auditing Standard: Understanding Risk Correlation

    Risk management is an evolving discipline, especially in today’s interconnected world, where risks are no longer isolated. They often have cascading effects, where one risk can trigger or amplify others,… Continue reading Germany’s IDW PS 340 Auditing Standard: Understanding Risk Correlation

  • The Titanic: A Case Study in Flawed Risk Management

    The Titanic: A Case Study in Flawed Risk Management

    How Poor Risk Management Sunk the Unsinkable, and Lessons Learned in Identifying Blind Spots in the Modern Threatscape The story of the Titanic is one of the most infamous disasters… Continue reading The Titanic: A Case Study in Flawed Risk Management

  • A New Era: Embracing the Role of Digital Risk & Resilience

    A New Era: Embracing the Role of Digital Risk & Resilience

    In the rapidly evolving landscape of governance, risk management, and compliance (GRC), information security is undergoing a significant transformation. This evolution reflects the growing complexity and interconnectedness of digital risks… Continue reading A New Era: Embracing the Role of Digital Risk & Resilience

  • Increased Demand for Evidence-Based Compliance: EU Surpasses the USA

    Increased Demand for Evidence-Based Compliance: EU Surpasses the USA

    For many years, the global compliance landscape was dominated by a checkbox-driven approach, primarily led by the United States. Compliance programs in the U.S. focused on prescriptive rules, and adherence… Continue reading Increased Demand for Evidence-Based Compliance: EU Surpasses the USA

  • The Tunnel of Eupalinos: a Blueprint for Connecting Strategic and Operational Risk & Resilience

    The Tunnel of Eupalinos: a Blueprint for Connecting Strategic and Operational Risk & Resilience

    Risk management, when done effectively, is both an art and a science, requiring a careful balance of top-down strategic insight in the context of the organization’s objectives and bottom-up operational… Continue reading The Tunnel of Eupalinos: a Blueprint for Connecting Strategic and Operational Risk & Resilience

  • Ethics, Compliance & Risk Culture in Denmark: A Model of Orderliness and Mindfulness

    Ethics, Compliance & Risk Culture in Denmark: A Model of Orderliness and Mindfulness

    Denmark is often lauded for its high quality of life, progressive social policies, and exemplary governance. However, there is something more subtle yet profoundly impactful that one notices when visiting… Continue reading Ethics, Compliance & Risk Culture in Denmark: A Model of Orderliness and Mindfulness

  • Beyond the Heatmap: Rethinking Risk Management for the Modern Age

    Beyond the Heatmap: Rethinking Risk Management for the Modern Age

    In today’s rapidly evolving business landscape, risk management is no longer just about avoiding pitfalls—it’s about navigating the uncertain waters of opportunity and danger with agility and resilience. The modern… Continue reading Beyond the Heatmap: Rethinking Risk Management for the Modern Age

  • Modernizing Policy Management: The Urgent Need for Automation

    Modernizing Policy Management: The Urgent Need for Automation

    Effective policy management is critical to maintaining organizational integrity, compliance, and operational efficiency. Yet, many organizations remain trapped in outdated, manual processes that create a mess of confusion, inefficiency, and… Continue reading Modernizing Policy Management: The Urgent Need for Automation

  • Strengthening the Bonds of the Extended Enterprise: A Unified Approach to Third-Party Risk Management

    Strengthening the Bonds of the Extended Enterprise: A Unified Approach to Third-Party Risk Management

    In today’s interconnected world, the relationships that businesses forge with third parties are akin to friendships—built on trust, integrity, and resilience. Just as strong friendships require shared values, ethical behavior,… Continue reading Strengthening the Bonds of the Extended Enterprise: A Unified Approach to Third-Party Risk Management

  • The Death of the CISO: A Eulogy & Reincarnation

    The Death of the CISO: A Eulogy & Reincarnation

    I am sure this will be controversial, many love their role and title. First, some perspective . . . my career started in IT security. I cut my GRC teeth… Continue reading The Death of the CISO: A Eulogy & Reincarnation

  • Seven AI Samurai of GRC: Protecting the Organization

    Seven AI Samurai of GRC: Protecting the Organization

    I love feudal Japan! After my love for medieval Europe is my love for feudal Japan. Perhaps they are on par with each other as both of these eras excite… Continue reading Seven AI Samurai of GRC: Protecting the Organization