Upcoming Events . . .
Latest Pontifications & Thoughts . . .
-
GRC Archetypes: Compliance & Ethics Management
Compliance and ethics has become a significant challenge for organizations across industries, geographies, and business boundaries. It is inundated with challenges such as anti-bribery and corruption, market conduct, conflict of… Continue reading GRC Archetypes: Compliance & Ethics Management
-
GRC Archetypes: Policy Management
Policy management is the capability to establish, manage, monitor, and enforce policies to reliably achieve objectives, while addressing uncertainty, and act with integrity across the organization (adapted from the OCEG GRC definition).… Continue reading GRC Archetypes: Policy Management
-
GRC Archetypes: Third Party Management
Third party management is the capability to reliably achieve objectives, while addressing uncertainty, and act with integrity in and across the organizations third party relationships/extended enterprise (adapted from the OCEG… Continue reading GRC Archetypes: Third Party Management
-
Diary of a Wimpy GRC Solution
I understand what it is like to be the underdog. In grade school and junior high I was the target to be picked on. The scrawny emotional kid that was… Continue reading Diary of a Wimpy GRC Solution
-
Three Lines of Defense: Enabling High Performing Organizations
Like battling the multi-headed Hydra in Greek mythology, redundant, manual, and uncoordinated governance, risk management, and compliance (GRC) approaches are ineffective. As the Hydra grows more heads of regulation, legal… Continue reading Three Lines of Defense: Enabling High Performing Organizations
-
Role of Technology in Risk Management Maturity
To maintain the integrity of the organization and execute on strategy, the organization has to be able to see their individual risk (the tree) as well as the interconnectedness of… Continue reading Role of Technology in Risk Management Maturity
-
Do You Know Your Third-Party Risks?
Increasing Exposure to Third-Party Risks The Modern Organization is an Interconnected Mesh of Relationships Brick and mortar business is a thing of the past: physical buildings and conventional employees no… Continue reading Do You Know Your Third-Party Risks?
-
Pitfalls in GRC Software Selection and RFPs
There is a broad array of governance, risk management, and compliance (GRC) related solutions available in the market. In fact, GRC 20/20 has catalogued and mapped over 800 technology solutions and… Continue reading Pitfalls in GRC Software Selection and RFPs
-
Increased Pressure to Control Spreadsheets and Documents
Pervasiveness of End User Computing Brings Risk Use of end user computing applications such as spreadsheets, emails, and other document types has revolutionized how technology creates value for organizations. However,… Continue reading Increased Pressure to Control Spreadsheets and Documents
-
Gartner: Missing the Risk & Compliance (GRC) Target
Gartner, in context of governance, risk management, and compliance (GRC) related research, is ignorant and harmful to organizations that rely on their research publications and advice. In full disclosure, Gartner… Continue reading Gartner: Missing the Risk & Compliance (GRC) Target
-
Understanding Risk Management Process & Architecture
The risk management strategy and policy is supported and operationalized through a risk management architecture. Organizations require complete situational and holistic awareness of risks across operations, processes, transactions, and data… Continue reading Understanding Risk Management Process & Architecture
-
Third Party Risk: Gaining Certainty in Global Relationships
One of the greatest governance, risk management and compliance challenges before organizations is managing the web of third party business relationships. Brick and mortar business is a thing of the past:… Continue reading Third Party Risk: Gaining Certainty in Global Relationships
