Upcoming Events . . .
Latest Pontifications & Thoughts . . .
Legal at the Center of GRC Leadership and Strategy
Legal Challenges in a New Era Today’s global business environment presents a broad spectrum of economic, political, social, legal and regulatory changes, which continually increase strategic and tactical complexity, and… Continue reading Legal at the Center of GRC Leadership and Strategy
Managing Change is the Greatest GRC Challenge
Change is the single greatest challenge for organizations in the context of governance, risk management, and compliance (GRC). Managing the dynamic and intricate web of change and how it impacts the… Continue reading Managing Change is the Greatest GRC Challenge
Inevitability of Failure: Flawed Use of Spreadsheets in GRC
Spreadsheets, and their associates documents and emails, are the most prevalent GRC tool used by organizations. Their use comes at a significant cost if not controlled, monitored, and used properly.… Continue reading Inevitability of Failure: Flawed Use of Spreadsheets in GRC
Making Sense of GRC Related Technology & Solutions
Every organization does GRC (governance, risk management, and compliance), but it does not mean that every organization does GRC well. Complicating this is a maze of GRC technologies. Some are… Continue reading Making Sense of GRC Related Technology & Solutions
Mistakes & Challenges in Risk Management Technologies and Strategies
Risk management is pervasive throughout organizations. There are many departments that manage risk with a variety of approaches, models, needs, and views into risk. This makes enterprise and operational risk management… Continue reading Mistakes & Challenges in Risk Management Technologies and Strategies
Manage Third Party Risk Exposure in an Interconnected World
Realize that everything connects to everything else. Leonardo da Vinci The world is flat, risk is pervasive, and organizations have no boundaries. We operate in a global and interconnected world.… Continue reading Manage Third Party Risk Exposure in an Interconnected World
FCPA: Change is in the Air
The past few months have seen some interesting developments in context of the U.S. Foreign Corrupt Practices Act (FCPA). I get more questions on anti-bribery and corruption than any other… Continue reading FCPA: Change is in the Air
From Backcountry Ranger to GRC Pundit
It is the Thanksgiving holiday here in the United States, so I thought I would make this post a little more personal. I am grateful for all of my clients,… Continue reading From Backcountry Ranger to GRC Pundit
The Agile Organization: GRC in Context of Regulatory Change
Change is an intricate machine of chaotic gears and movements and is the single greatest challenge for organizations in the context of governance, risk management, and compliance (GRC). The challenge… Continue reading The Agile Organization: GRC in Context of Regulatory Change
IT GRC > IT Security
If you have been following my research over the course of the past 15 years you will know that I have often been frustrated when IT GRC has been understood to be confined to IT security management. In fact, you can find some of my Forrester reports (2001 to 2007) that often challenge the captivity…
Now Accepting 2015 GRC Value Award Nominations
GRC 20/20 is accepting nominations for the 2015 GRC Value Awards! Successful governance, risk management, and compliance (GRC) delivers the ability to effectively mitigate risk, meet requirements, satisfy auditors, achieve human… Continue reading Now Accepting 2015 GRC Value Award Nominations
Quick Start to a GRC RFP
The GRC market is a broad market with a variety of segments. It is not all about Enterprise GRC Platforms. In fact, only about 25% of the inquiries GRC 20/20 gets from organizations are for Enterprise GRC strategies and platforms. A good 75% of the market is aimed at solving department and specific regulatory or…