It is finally here! For the past year, I have been working hard with OCEG on the Policy Management Illustrated eBook. I have spent countless hours behind Adobe Illustrator working… Continue reading Why Policies, and Policy Management, Matters

The world has changed, business has changed. A worldwide pandemic has caused restructuring of processes, employees, and activities. It has forced organizations to look for agile ways to manage a… Continue reading Policy Engagement In A COVID & Post-COVID World

The value of a third-party risk management strategy Traditional brick and mortar business is a thing of the past: physical buildings and conventional employees no longer define your organization. The… Continue reading Ensuring Integrity in the Extended Enterprise

Risk management is a hot topic and focus within organizations. We are surrounded with acronyms of GRC (governance, risk management, and compliance), ERM (enterprise risk management), ORM (operational risk management),… Continue reading Rethinking Risk Management RFP Requirements

It has been stated that: Any intelligent fool can make things bigger, more complex and more violent. It takes a touch of genius – and a lot of courage to… Continue reading ENGAGING GRC TO THE FRONT-OFFICE, AND NOT JUST BACK-OFFICE FUNCTIONS

Over the course of a year, I interact and advise on a lot of GRC related RFPs/RFIs. Some of these are for Enterprise GRC Platforms, most are in specific domains… Continue reading Role of Business Proces Modeling in GRC Requirements

Organizations are caught in a swirling vortex of uncertainty in risk and compliance as they strive to be bastions of integrity in the center of chaos. In the midst of… Continue reading Managing Integrity Through GRC Engagement of Employees

Compliance and ethics are a growing challenge and concern in organizations. Faced with increasing regulatory change, enforcement actions, audits and exams, and liability and exposure, compliance and ethics is in… Continue reading How to Tie a Compliance & Ethics Bow Tie

Compliance is Not Easy Organizations across industries have global clients, partners, and business operations. Adding to the complexity of global business, today’s organization is dynamic and constantly changing. New employees… Continue reading Agile and Integrated Compliance: Managing Compliance in Dynamic Business

In this podcast The GRC Pundit of GRC 20/20 Research, LLC interviews Toni Villanen of Majid Al Futtaim to discuss #riskmanagement #ERM #ORM #GRC – where it has been, where it is now, and where it… Continue reading The GRC Pundit Podcast: Toni Villanen of Majid Al Futtaim

The COVID-19 pandemic has changed everything. What started as a health and safety risk has had a domino impact of other risks that have resulted in changed business practices, processes,… Continue reading Policy Management and Remote Work: Adapting to the New Normal