Upcoming Events . . .
Latest Pontifications & Thoughts . . .
2012 GRC Technology Innovation Awards
GRC technology innovation is alive and well! As I mentioned in last week’s posting, the GRC market is now 10 years old. It was in February 2002 that I first… Continue reading 2012 GRC Technology Innovation Awards
State of the GRC Market, Q1-2012
2012: The Chinese Year of the Dragon to Mayan Doomsday prophesies – this year certainly proves to be interesting (note: I myself do not hold to these views; feel free… Continue reading State of the GRC Market, Q1-2012
Process Framework for Managing Compliance Risk
Organization exposure to compliance risk is rising at the same time the cost of compliance soars. An ad hoc or reactive approach to compliance brings complexity, forcing business to be… Continue reading Process Framework for Managing Compliance Risk
How to Buy GRC (Risk & Compliance) Software
The GRC software space is vast with numerous vendors. In fact, in my market models there are over 400 GRC software providers that span 28 primary categories (with numerous sub-categories)… Continue reading How to Buy GRC (Risk & Compliance) Software
Principles of Compliance Risk Management
Understanding and Approaching Compliance and Ethics Risk Historically the compliance function did not understand and model processes for risk management. Compliance documented and met requirements, and found and resolved issues.… Continue reading Principles of Compliance Risk Management
Regulations and a Demand for Integrity Bear Down on the Organization
Managing an organization’s ethics and values is challenging enough. A legion of laws, regulations, contractual obligations, judgments, and fines bear down on the organization and the CECO in the 21st… Continue reading Regulations and a Demand for Integrity Bear Down on the Organization
The Leading GRC Technology Vendor Is . . .
Before even getting into technology and vendors it is necessary to understand what GRC is about. I argue that GRC is nothing new – we have been doing GRC long… Continue reading The Leading GRC Technology Vendor Is . . .
Role of Technology in Anti-corruption Compliance
With increased exposure to anti-corruption laws and investigations, and defined anti-corruption practices, how does an organization go about using technology to manage anti-corruption compliance? Compliance needs to be an active part of the… Continue reading Role of Technology in Anti-corruption Compliance
Meeting Anti-Corruption Obligations
With increased exposure to anti-corruption laws and investigations, how does an organization respond to anti-corruption compliance obligations? The best offense in anti-corruption is a good defense. Organizations must be prepared… Continue reading Meeting Anti-Corruption Obligations
Accountability in Policy Management
Organizations often lack an auditable means of policy communication, attestation and training. There are various processes and approaches to tracking policy attestation and certification (making sure policy documents are… Continue reading Accountability in Policy Management
Investigation Technology Platforms: What to Look For
Investigations management processes are enabled through implementation of the right investigation technology platform. The technology solution is crucial, because it offers the adaptability needed for the dynamic nature and geographic… Continue reading Investigation Technology Platforms: What to Look For
Hordes of Policies Scattered Across the Organization
Policy management is a critical component of a governance, risk, and compliance (GRC) strategy because it describes the desired practices and behaviors of the company under specific circumstances. Too often,… Continue reading Hordes of Policies Scattered Across the Organization
