Latest Pontifications & Thoughts . . .

  • Manage Third Party Risk Exposure in an Interconnected World

    "Realize that everything connects to everything else." (Leonardo da Vinci) The world is flat, risk is pervasive, and organizations have no boundaries. We operate in a global and interconnected world.…

  • FCPA: Change is in the Air

    The past few months have seen some interesting developments in the context of the U.S. Foreign Corrupt Practices Act (FCPA). I get more questions on anti-bribery and corruption than any other…

  • From Backcountry Ranger to GRC Pundit

    It is the Thanksgiving holiday here in the United States, so I thought I would make this post a little more personal. I am grateful for all of my clients,…

  • The Agile Organization: GRC in Context of Regulatory Change

    Change is an intricate machine of chaotic gears and movements and is the single greatest challenge for organizations in the context of governance, risk management, and compliance (GRC). The challenge…

  • IT GRC > IT Security

    If you have been following my research over the course of the past 15 years you will know that I have often been frustrated when IT GRC has been understood to be confined to IT security management. In fact, you can find some of my Forrester reports (2001 to 2007) that often challenge the captivity…

  • Now Accepting 2015 GRC Value Award Nominations

    GRC 20/20 is accepting nominations for the 2015 GRC Value Awards! Successful governance, risk management, and compliance (GRC) delivers the ability to effectively mitigate risk, meet requirements, satisfy auditors, achieve human…

  • Quick Start to a GRC RFP

    The GRC market is a broad market with a variety of segments. It is not all about Enterprise GRC Platforms. In fact, only about 25% of the inquiries GRC 20/20 gets from organizations are for Enterprise GRC strategies and platforms. A good 75% of the market is aimed at solving department and specific regulatory or…

  • How to Purchase Policy Management Solutions

    A well-conceived technology architecture for policy and training management can enable a common policy and training framework across multiple departments, or just one department as appropriate. Organizations need a policy management platform that is context-driven and adaptable to a dynamic and changing environment. Compared to the ad hoc method in use in most organizations today,…

  • Demand & Market for GRC Content & Intelligence Offerings

    The role of content in GRC strategies, solutions, and architecture is becoming significant. Organizations find that they need access to risk and compliance intelligence updates, regulatory changes, risk libraries, audit templates, sanction and watch lists, sample policies, and more. GRC solutions are often differentiating themselves by their ability to provide and integrate a range of…

  • A Strategic Approach to Third Party Management, Part 2: Designing an Integrated Architecture to Support Your Strategy

    Third party management processes are used to manage and monitor the ever-changing relationship, risk, and regulatory environments in extended business relationships. While third party processes can vary by organization and industry, the common components are . . .

  • Now Accepting 2015 GRC Innovation Award Nominations

    It has been stated that: Any intelligent fool can make things bigger, more complex and more violent. It takes a touch of genius – and a lot of courage to move in the opposite direction. A primary directive of innovation is to provide experience that is simple yet complete. Like Apple with its innovative technologies,…

  • Considerations When Purchasing Policy Management Solutions

    With today’s complex business operations, global expansion, and the ever changing legal, regulatory and compliance environments, a well-defined policy management program is vital to enable an organization to effectively develop and maintain the policies needed to reliably achieve objectives while addressing uncertainty and act with integrity. This is why organizations are aggressively looking at policy…