Latest Pontifications & Thoughts . . .

  • Mitigating Risk in the Era of the Corporate Bounty Hunter

    Business is global, distributed and dynamic. Organizations of all sizes and industries have global client, partner, vendor and supply-chain relationships. Adding to this complexity is the dynamic nature of business…

  • GRC Maturity: Measuring a New Paradigm for Risk and Compliance

    Lacking an integrated view of GRC results in business processes, partners, employees and systems that behave like leaves blowing in the wind. Modern business requires a new paradigm for tackling…

  • Inevitability of Failure: Managing GRC in Silos

    Success in today’s dynamic business environment requires the organization to integrate, build, and support business process with an enterprise view of governance, risk management, and compliance (GRC).  Without an integrated…

  • 2012 GRC Technology Innovation Awards

    GRC technology innovation is alive and well! As I mentioned in last week’s posting, the GRC market is now 10 years old. It was in February 2002 that I first…

  • State of the GRC Market, Q1-2012

    2012: The Chinese Year of the Dragon to Mayan Doomsday prophecies – this year certainly proves to be interesting (note: I myself do not hold to these views; feel free…

  • Process Framework for Managing Compliance Risk

    Organization exposure to compliance risk is rising at the same time the cost of compliance soars. An ad hoc or reactive approach to compliance brings complexity, forcing business to be…

  • How to Buy GRC (Risk & Compliance) Software

    The GRC software space is vast with numerous vendors.  In fact, in my market models there are over 400 GRC software providers that span 28 primary categories (with numerous sub-categories)…

  • Principles of Compliance Risk Management

    Understanding and Approaching Compliance and Ethics Risk: Historically the compliance function did not understand and model processes for risk management. Compliance documented and met requirements, and found and resolved issues.…

  • Regulations and a Demand for Integrity Bear Down on the Organization

    Managing an organization’s ethics and values is challenging enough. A legion of laws, regulations, contractual obligations, judgments, and fines bear down on the organization and the CECO in the 21st…

  • The Leading GRC Technology Vendor Is . . .

    Before even getting into technology and vendors it is necessary to understand what GRC is about.  I argue that GRC is nothing new – we have been doing GRC long…

  • Role of Technology in Anti-corruption Compliance

    With increased exposure to anti-corruption laws and investigations, and defined anti-corruption practices, how does an organization go about using technology to manage anti-corruption compliance? Compliance needs to be an active part of the…

  • Meeting Anti-Corruption Obligations

    With increased exposure to anti-corruption laws and investigations, how does an organization respond to anti-corruption compliance obligations? The best offense in anti-corruption is a good defense. Organizations must be prepared…