Take advantage of GRC’s structured guidance to deliver on ESG strategy and processes. ESG – Environmental, Social, and Governance – is pressuring organizations from every angle. Investors are making investment… Continue reading How to Operationalize ESG with GRC

The Federal Risk and Authorization Management Program (FedRAMP) has been in place for just over a decade (2011). Its purpose is to provide a “cost-effective, risk-based approach for the adoption… Continue reading Improving FedRAMP: Federal Procurement & Risk Management

Gone are the years of simplicity in business operations. Rapid growth and change in risks, regulations, globalization, distributed operations, competitive velocity, technology, and business data encumbers organizations of all sizes.… Continue reading Operationalize Compliance to Ensure 360° Visibility into Operational Resilience 

Organizations often fail to monitor and manage compliance controls effectively in an environment that demands agility. This results in the inevitable failure of compliance that provides case studies for future… Continue reading How do you add compliance controls in different parts of your business?

Organizations need to be organizations of integrity. What we communicate to the world about our policies, compliance and ethics practices, values, code of conduct, regulatory commitments, and now ESG statements… Continue reading Strategies to Drive Compliance Operationalization

IRM – Surprise! But it its not what you think. I have not changed my stance on Gartner’s misaligned Integrated Risk Management. This is the Institute of Risk Management, the… Continue reading IRM Risk Predictions 2022

Organizations take legal risks all the time but often fail to integrate these risks effectively in an environment that is continuously changing and requires agility. Too often legal is seen… Continue reading Breaking Silos with GRC and Legal

Gone are the days of simplicity in business operations. The challenges that are thrown by ever-changing regulations, distributed operations, highly competitive business landscape, evolving technologies, and huge volumes of business… Continue reading Rethinking Risk Across the Enterprise

Lacking an integrated view of risk and resilience results in business processes, services, employees, and systems that behave like leaves blowing in the wind. Organizations need to develop, nurture, and… Continue reading A New Paradigm in Risk, Resiliency & Continuity Integration

Shadows haunt the organization. Today’s organization is encumbered by things like shadow processes and shadow IT. These are rogue processes and technology that get implemented in the depths of the… Continue reading Building a Mature GRC Program: The Top 5 Considerations

Here are some thoughts on how to mature a policy management strategy from the recent GRC 20/20 research report, Risk & Resiliency Management Maturity Model: A New Paradigm on Risk,… Continue reading 360° Visibility into Risk & Resilience