Latest Pontifications & Thoughts . . .
The Role of Technology in Compliance Risk Management
Organizational exposure to compliance risk is rising while the cost of compliance soars. An ad hoc or reactive approach to compliance brings complexity, forcing the business to be less agile. Organizations…
Compliance: An Integral Part of Risk Management
Increased regulatory and ethical pressures are transforming the traditional role of compliance. Compliance departments are taking on broader responsibility for ethics, compliance, corporate culture, and social responsibility. With greater frequency,…
Compliance and Risk Bear Down on the Organization
Compliance in Dynamic and Distributed Business: Compliance is not easy. Organizations across industries have global clients, partners, and business operations. The larger the organization, the more complex its operations. Adding…
Complexities of IT GRC Hinders Organizations
Organizations operate in a complex environment of risk, compliance requirements, and vulnerabilities that interweave through departments, functions, processes, technologies, roles, and relationships. What may seem an insignificant IT risk…
Policy Management Demands Attention
The Foundational Role of Policies in GRC Strategies: Policies are critical to the organization as they establish boundaries of behavior for individuals, processes, relationships, and transactions. Starting at the policy…
Information Security in Context: The CISO as a Transformational Role in Risk Management
Information Security at the Center of Risk Chaos. Inevitable Failure: Managing Information Risk in a Silo. Organizations are complex. Exponential growth and change in technology, vulnerabilities, regulations, globalization, distributed operations,…
The GRC Economy
I am often asked, “What do you do?” My simple answer, that I do not like, is to say that I am a consultant. This does not always help as…
IT GRC Management by Design, New York
Organizations are complex. Exponential growth and change in technology, vulnerabilities, regulations, globalization, distributed operations, changing processes, competitive velocity, business relationships, legacy technology, and business data expose organizations of all sizes.…
The Critical Foundation of Third Party Management is Technology
In previous posts we looked at the following: How to Develop a Third Party Management Strategy; How to Define a Third Party Management Process Lifecycle. Now we turn our attention…
How to Define a Third Party Management Process Lifecycle
The third party management strategy and policy is supported and made operational through a third party management architecture. The organization requires complete situational and holistic awareness of third party relationships…
Understanding the Variety of GRC Intelligence & Content Solutions
There are lots of GRC solutions available in the market, most of which do not even call themselves GRC as they are laser-focused on specific GRC areas. In fact,…
How to Develop a Third Party Management Strategy
Managing third party activities in disconnected silos leads the organization to inevitable failure. Without a coordinated third party management strategy the organization and its various departments never see the big…