Latest Pontifications & Thoughts . . .

  • GRC 4.0 – Agile GRC in a Dynamic & Disrupted Organization

    Governance, risk management, and compliance (GRC) is the capability to reliably achieve objectives [GOVERNANCE] while addressing uncertainty [RISK MANAGEMENT] and act with integrity [COMPLIANCE]. The components of GRC provide the…

  • From GRC 1.0 to GRC 5.0: A History of Technology for GRC

    Governance, Risk Management and Compliance (GRC) is “a capability to reliably achieve objectives [GOVERNANCE], while addressing uncertainty [RISK MANAGEMENT], and act with integrity [COMPLIANCE].” This is the official definition of…

  • Is Policy Management Causing More Pain than Gain?

    The Policy Management Illustrated Series: Frustrated by policy management? Having trouble finding all the policies (both authorized and unauthorized) floating around in your organization? Wasting time and resources that could…

  • Exposing IRM for What it Really is: GRC Light

    Gartner, particularly John Wheeler, is hard at work trying to convince the world that their Integrated Risk Management (IRM) is something new to replace Governance, Risk Management & Compliance. You…

  • Understanding Third Party GRC Maturity: Agile Stage

    A haphazard department- and document-centric approach for third party GRC compounds the problem and does not solve it. It is time for organizations to step back and mature their third-party…

  • The Intersection of GRC and Policy Management

    Policies matter, and policy management matters. Period. Policies are critical governance documents for every organization. They set guardrails and parameters of acceptable and unacceptable behavior for individuals, processes, and transactions.…

  • Understanding Third Party GRC Maturity: Integrated Stage

    A haphazard department- and document-centric approach for third party GRC compounds the problem and does not solve it. It is time for organizations to step back and mature their…

  • The 3 Lifecycle Stages of Vendor Security Risk Management: Offboarding

    How do you say goodbye to a third party? This is the third of a three-part series on vendor risk management through the lifecycle of the relationship. Today, we focus…

  • Have You Hugged Your CECO/CCO Today?

    Today is the official National Compliance Officer Day! This is a very challenging role in organizations and one that is in the midst of a lot of change. Below is…

  • 5 Reasons to be Happy About UK SMCR

    Regulation and oversight – what a burden to business. That is the common expression financial services firms have as they respond to 220 regulatory change events around the world every…

  • Navigating Chaos

    Below is Michael Rasmussen’s article found in the Autumn 2019 issue of Enterprise Risk, published by the Institute of Risk Management (The IRM). The physicist Fritjof Capra once said, “The…

  • The 3 Lifecycle Stages of Vendor Security Risk Management: Ongoing Monitoring

    This is the second of a three-part series on vendor risk management through the lifecycle of the relationship. Today, we focus on the ongoing monitoring process. Too often organizations conduct…