Upcoming Events . . .

Latest Pontifications & Thoughts . . .

  • When to Write a Policy

    Policies address risk and they introduce risk. Too many policies bring about a state of over control and possibly non-compliance as the organization cannot manage and monitor the policies in place. Too… Continue reading When to Write a Policy

  • Effective Policy Management & Communication Workshop

    GRC 20/20 Workshops provide interactive training to groups of people on a range of GRC topics. These workshops provide a collaborative learning environment in which the attendees will be guided… Continue reading Effective Policy Management & Communication Workshop

  • GRC Architecture Workshop

    GRC 20/20 Workshops provide interactive training to groups of people on a range of GRC topics. These workshops provide a collaborative learning environment in which the attendees will be guided… Continue reading GRC Architecture Workshop

  • Effective Regulatory Change Management Workshop

    GRC 20/20 Workshops provide interactive training to groups of people on a range of GRC topics. These workshops provide a collaborative learning environment in which the attendees will be guided… Continue reading Effective Regulatory Change Management Workshop

  • Mature Governance, Risk Management & Compliance Needs an Enterprise Architecture Approach

    Mature GRC requires an understanding of the business – its strategy, organizational structure, processes, risks, obligations, commitments, and objectives. The goal of GRC is to enable the organization to govern the organization and manage risk and compliance in the context of business. Achieving GRC maturity requires a GRC architecture that leverages an understanding of enterprise…

  • 2014 GRC Value Award Nominations are Being Accepted

    The 2014 GRC Value awards are to recognize GRC solutions that have returned significant and measurable value to an organization. Whether technology, content, or professional service providers – all can… Continue reading 2014 GRC Value Award Nominations are Being Accepted

  • Inevitable Failure: Disconnected Risk & Policy Management

    Business is complex.  Gone are the years of simplicity in business operations.  Exponential growth and change in regulations, globalization, distributed operations, changing processes, competitive velocity, business relationships, disruptive technology, legacy… Continue reading Inevitable Failure: Disconnected Risk & Policy Management

  • The GRC Pundit Discusses ERP Maestro's 2014 Innovation Award

    GRC 20/20 Discusses the reasons behind ERP Maestro’s 2014 Innovation Award from ERP Maestro® on Vimeo.

  • GRC Analyst Rant: Throwing Down the GRC Analyst Gauntlet

    All organizations do GRC (governance, risk management, and compliance).  It does not matter if the organization uses the acronym or not, every organization has some approach to the elements of… Continue reading GRC Analyst Rant: Throwing Down the GRC Analyst Gauntlet

  • ERP Maestro: Automated Security & Access Controls Through the Cloud

    Executive Summary  Organizations face increased pressure to ensure business applications such as Enterprise Resource Planning (ERP) systems are secure and access control risks are managed in the context of a… Continue reading ERP Maestro: Automated Security & Access Controls Through the Cloud