Archive | The GRC Pundit Blog

Monitoring and Managing Risk Effectively

Organizations take risks all the time but fail to monitor and manage risk effectively. A cavalier approach to risk-taking is a result of a poorly defined risk culture. It results in disaster, providing case studies for future generations on how poor risk management leads to the demise of corporations — even those with strong brands. […]

Understanding & Improving Governance, Risk Management & Compliance

Governance, risk management & compliance (GRC) is something an organization does and not something an organization buys. GRC, done properly, is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance] while addressing uncertainty [risk management] and acting with integrity [compliance].” (source: OCEG GRC Capability Model that GRC 20/20 has helped define and […]

Managing Risk & Compliance in the Extended Enterprise

Modern Organization: Interconnected Maze of Relationships

No man is an island, entire of itself; Every man is a piece of the continent, a part of the main.[1] Replace the word ‘man’ with ‘organization’ and the seventeenth-century English poet John Donne is describing the post-modern twenty-first century organization. In other words, “No organization is an island […]

Enabling the 1st Line of Defense with Policy, Training & Issue Reporting

Like battling the multi-headed Hydra in Greek mythology, redundant, manual, and uncoordinated governance, risk management, and compliance (GRC) approaches are ineffective. As the Hydra grows more heads of regulation, legal matters, operational risks, and complexity, scattered departments of GRC responsibilities that do not work together become overwhelmed and exhausted and start losing the battle. This […]

Is SMR & CR, the UK Financial Services biggest challenge for 2018?

The UK Senior Manager’s Regime and Certification Regime (UK SMR/CR) is one of the most significant challenges financial services firms are facing right now. The Financial Conduct Authority (FCA) has recently announced that this regulation is going to be applied to all firms governed by the FCA: over 58,000 organizations. This is the governing regulation […]

Defining the Issue Reporting & Case Management Process

Distributed and dynamic business requires the organization to take a strategic approach to issue reporting and case management. Organizations require complete situational and holistic awareness of issues, incidents, investigations, and cases across business operations and processes. This is best approached through structured and accountable processes enabled through an integrated information and technology architecture for issue […]
