

Latest Pontifications & Thoughts . . .
-
Communicating Policies in a Time of Crisis
Policies are critical documents in organizations. They define how business is to be conducted as they establish boundaries and expectations for individual and process behavior. Policies enable and intersect all…
-
Keep Calm & GRC On!
These are crazy and uncertain times, but this does not mean governance, risk management, and compliance (GRC) comes to a halt in organizations. It is the opposite, this is the…
-
Forrester GRC Wave = Tsunami of Confusion
I feel that I am in an alternate reality. This cannot possibly be the real world. Are we living in a DC multi-verse where there are different GRC technology realities…
-
360° Control Automation, Monitoring & Enforcement
Business today is changing minute-by-minute and second-by-second. Processes and technology and their configurations are changing. Employees and their access into systems is changing as new employees are hired, others change roles…
-
Managing Risk in Dynamic & Distributed Business
Organizations are dynamic and distributed. They are changing minute-by-minute and second-by-second. That is challenging many risk management programs, but the complexity of distributed business further chaos to the organization and…
-
7 Habits of a Highly Effective Privacy Compliance Program
Privacy has become a front-and-center compliance risk in organizations around the world. GDPR (Europe), CCPA (California), APP (Australia), PIPEDA (Canada), PDO (Hong Kong), PIPA (Japan), ECTA (South Africa)…the world of…
-
UK SMCR: Trekking Up the Mountain
The importance of stages: Climbing a mountain like Mount Everest is not done haphazardly. It takes careful planning and an organized route. It also involves breaking the trek up the…
-
Third Party GRC vs Third Party Risk Management
Business is No Longer Brick & Mortar Walls: I was recently talking to a global manufacturer about the challenges they face in defining their organization. The challenge is that there…
-
How Mature is Governance, Risk Management & Compliance (GRC) in Your Organization?
GRC maturity has evolved over the past fifteen years since OCEG first published the GRC Capability Model and we have measured these changes along the way. In 2019 we conducted…
-
Tale of Two Futures: Blade Runner or Star Trek?
It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief,…
-
GRC 4.0 – Agile GRC in a Dynamic & Disrupted Organization
Governance, risk management, and compliance (GRC) is the capability to reliably achieve objectives [GOVERNANCE] while addressing uncertainty [RISK MANAGEMENT] and act with integrity [COMPLIANCE]. The components of GRC provide the…
-
From GRC 1.0 to GRC 5.0: A History of Technology for GRC
Governance, Risk Management and Compliance (GRC) is “a capability to reliably achieve objectives [GOVERNANCE], while addressing uncertainty [RISK MANAGEMENT], and act with integrity [COMPLIANCE].” This is the official definition of…