Last week we explored where third-party risk management strategy and technology fail, this week we turn our attention to where enterprise/operational/integrated risk management strategies and technologies fail. Yes, that world… Continue reading Where Risk Management Strategy & Technology Fail . . .

The need for cybersecurity is growing with the dynamic, distributed, disrupted, and particularly digital nature of business. Digital transformation is making cybersecurity even more critical to protect the organization, maintain… Continue reading Strengthen Your Cybersecurity Management Policy With the Human Firewall

How do you define the modern organization?  There is no binary boundary to the organization anymore, no more black and white. It is impossible to clearly state that this is… Continue reading ESG and the Geopolitical Complexities of Supplier Risk

The modern organization is not defined by brick-and-mortar walls and traditional employees. The modern organization is the Extended Enterprise of third-party and nth-party relationships. The suppliers, vendors, outsourcers, service providers,… Continue reading Where Third-Party Risk Strategy & Technology Fail . . .

Have you ever heard of the Winchester Mystery House in San Jose, California? It’s a sprawling mansion that was built in the 1800s at the cost of $5.5 million (calculate inflation,… Continue reading Measuring Value: Making GRC Processes Efficient, Effective, and Agile

ESG – Environmental, Social, and Governance – has been creating a barrage of pressure upon organizations across industries and around the world in recent years. Corporate investors are making capital… Continue reading Practically Understanding and Delivering ESG in Today’s Organization

The physicist Fritjof Capra stated: “The more we study the major problems of our time, the more we come to realize that they cannot be understood in isolation. They are systemic… Continue reading Rasmussen’s Strategic Pillars of GRC: Agility, Resiliency, Integrity

Too often GRC – governance, risk management, compliance – is approached backwards. Using the acronym, one would think it is CRG, or even Cr (lower case intentional). Too many organizations… Continue reading GRC Done Right Starts With the Business: Objectives, Performance, Processes

Compliance and ethics do not happen in the back office but at all levels of the organization. From the top down to the front-line employees. Compliance and ethics done right… Continue reading The Exposure of Compliance at the Frontlines of the Organization

Keeping up with regulatory content can be a challenge. The constant changes in today’s regulatory environments translate to a growing burden on organizations in terms of the number of regulations… Continue reading COGNITIVE GRC: Enabling Regulatory Change Management

Organizations need to be agile, not just resilient. Agility is the ability to see what is coming at the organization and allow the organization to adjust and navigate to use… Continue reading Cognitive GRC (GRC 5.0): Enabling Enterprise Risk Agility & Resilience

I have been advising organizations on strategy, process, and technology related to ESG for over fifteen years. Of course, it has not been called ESG for that long. It was… Continue reading ESG: The Foundation is Built on Policies