I am a James Bond fan and eagerly anticipate the next James Bond film, “No Time to Die.” Unfortunately, because of the global crisis we all now face, we have to wait until November… Continue reading Why Third-Party 360° Situational Risk Awareness is Needed Now More Than Ever

In a time of crisis, like what we face with the global pandemic, centralizing compliance and ethics communications and reporting is critical to streamline interactions, maintain corporate culture and integrity,… Continue reading Centralizing Compliance and Ethics Communications in a Time of Crisis

I may be going out on a limb and stepping on a lot of toes right now by frustrating some careers and reputations of risk managers. Simply put, this global… Continue reading Being Unprepared for the Crisis Does Not Make it a Black Swan

Policies are critical documents in organizations. They define how business is to be conducted as they establish boundaries and expectations for individual and process behavior. Policies enable and intersect all… Continue reading Communicating Policies in a Time of Crisis

These are crazy and uncertain times, but this does not mean governance, risk management, and compliance (GRC) comes to a halt in organizations. It is the opposite, this is the… Continue reading Keep Calm & GRC On!

I feel that I am in an alternate reality. This cannot possibly be the real world. Are we living in a DC multi-verse where there are different GRC technology realities… Continue reading Forrester GRC Wave = Tsunami of Confusion

Business today is changing minute-by-minute and second-by-second. Processes and technology and their configurations are changing. Employees and their access into systems is changing as new employees are hired, others change roles… Continue reading 360° Control Automation, Monitoring & Enforcement

Organizations are dynamic and distributed. They are changing minute-by-minute and second-by-second. That is challenging many risk management programs, but the complexity of distributed business further chaos to the organization and… Continue reading Managing Risk in Dynamic & Distributed Business

Privacy has become a front-and-center compliance risk in organizations around the world. GDPR (Europe), CCPA (California), APP (Australia), PIPEDA (Canada), PDO (Hong Kong), PIPA (Japan), ECTA (South Africa)…the world of… Continue reading 7 Habits of a Highly Effective Privacy Compliance Program

The importance of stages Climbing a mountain like Mount Everest is not done haphazardly. It takes careful planning and an organized route. It also involves breaking the trek up the… Continue reading UK SMCR: Trekking Up the Mountain

Business is No Longer Brick & Mortar Walls I was recently talking to a global manufacturer about the challenges they face in defining their organization. The challenge is that there… Continue reading Third Party GRC vs Third Party Risk Management