Upcoming Events . . .

Latest Pontifications & Thoughts . . .

  • BPS & Resolver – Synergetic Merger

    2010 is proving to be an interesting year for the reorganization of the GRC space. It kicked off with the public announcement of the EMC/RSA acquisition of Archer Technologies. Shortly… Continue reading BPS & Resolver – Synergetic Merger

  • CCEP – Certified Compliance & Ethics Professional

    I just passed the Certified Compliance & Ethics Professional (CCEP) exam from the Society of Corporate Compliance & Ethics (SCCE). While I meant to do this years a go –… Continue reading CCEP – Certified Compliance & Ethics Professional

  • Corporate Policies in Disarray and Chaos

      Policies are a critical component of a GRC strategy – but often the most overlooked or neglected component. It amazes me the number of companies I go into that… Continue reading Corporate Policies in Disarray and Chaos

  • GRC Reference Architecture: Industry, Geographic, & Technology Views

      Over the past few months we have explored together the various components of my GRC Reference Architecture. This embodies the technology end of my broader GRC EcoSystem – which… Continue reading GRC Reference Architecture: Industry, Geographic, & Technology Views

  • 2010 GRC Research Agenda & Education

      Happy New Year! I trust that 2010 will bring you success and direction in your personal and professional life. First I need to state a deep thank you to… Continue reading 2010 GRC Research Agenda & Education

  • EMC/RSA Acquisition of Archer: 1 + 1 = 3

    For the past two years Archer Technologies has been a disruptive force in the GRC market. They have been going strong in the IT/information security segment of GRC for several… Continue reading EMC/RSA Acquisition of Archer: 1 + 1 = 3

  • Enhancing Business Performance through Risk Management

      The following is an abstract from my latest research piece “Enhancing Business Performance through Risk Management“ While the market seems eager to grasp onto the phrase “risk intelligence,” it… Continue reading Enhancing Business Performance through Risk Management

  • GRC Reference Architecture: Role/Process Specific Applications

      Over the past few weeks we have looked at both theinformation model and the enterprise application core of Corporate Integrity’s GRC Reference Architecture. The GRC Reference Architecture provides the… Continue reading GRC Reference Architecture: Role/Process Specific Applications

  • Good Risk Management Guidance – Here At Last in ISO 31000

    We interrupt this broadcast . . . yes, I know many of you have been waiting in eager participation for my next installment of the GRC Reference Architecture which is… Continue reading Good Risk Management Guidance – Here At Last in ISO 31000

  • GRC Reference Architecture: the GRC Enterprise Application Core

      Friend, Last week we began our presentation of the GRC Reference Architecture, which is part of my broader GRC EcoSystem (which includes over 1300 technology, professional service, and information… Continue reading GRC Reference Architecture: the GRC Enterprise Application Core

  • GRC Reference Architecture: Enterprise Data Architecture & Framework

      GRC – Governance, Risk, & Compliance. Whether you use this specific acronym or not the fact is your organization does GRC. There is not a single executive that will… Continue reading GRC Reference Architecture: Enterprise Data Architecture & Framework

  • Pfizer's Corporate Integrity Agreement & Compliance Officer Positioning Survey

      From the SCCE: In the recent Corporate Integrity Agreement between Pfizer and the Office of the Inspector General of the Department of Health and Human Services, Pfizer agreed that… Continue reading Pfizer's Corporate Integrity Agreement & Compliance Officer Positioning Survey