Upcoming Events . . .
Latest Pontifications & Thoughts . . .
The 3 Lifecycle Stages of Vendor Security Risk Management: Onboarding
This is the first of a three-part series on vendor risk management through the lifecycle of the relationship. Today, we focus on steps to achieve a proper and friction-free onboarding… Continue reading The 3 Lifecycle Stages of Vendor Security Risk Management: Onboarding
Compliance Disclosure Solutions: Separating the Simple from the Advanced
GRC 20/20 is seeing a growing demand for compliance management technologies from the Corporate Compliance and Ethics department (e.g., Chief Ethics and Compliance Officer, Chief Compliance Officer). This demand spans… Continue reading Compliance Disclosure Solutions: Separating the Simple from the Advanced
Understanding Third Party GRC Maturity: Defined Stage
A haphazard department and document centric approach for third party GRC compounds the problem and does not solve it. It is time for organizations to step back and mature their… Continue reading Understanding Third Party GRC Maturity: Defined Stage
Policy & Training Engagement in a Millennial Generation
As the only analyst covering the range of policy and training management solutions as its own segment of the Governance, Risk Management, and Compliance (GRC) market, I am asked several… Continue reading Policy & Training Engagement in a Millennial Generation
The Rhythm of Risk: Managing Risk Throughout the Context of Business
Writing about risk management is like trying to have an intelligent conversation today about religion or politics. Individuals in the risk management community have polarized views and if someone does… Continue reading The Rhythm of Risk: Managing Risk Throughout the Context of Business
Understanding Third Party GRC Maturity: Fragmented Stage
A haphazard department and document centric approach for third party GRC compounds the problem and does not solve it. It is time for organizations to step back and mature their… Continue reading Understanding Third Party GRC Maturity: Fragmented Stage
Policy Management Tips for Companies in Asia
On 30th July, ClauseMatch hosted a Policy Management Workshop with Governance, Risk & Compliance (GRC) expert Michael Rasmussen in Singapore, the first in our global series that aim to provide a blueprint for attendees… Continue reading Policy Management Tips for Companies in Asia
Understanding Third Party GRC Maturity: Ad Hoc Stage
A haphazard department and document centric approach for third party GRC compounds the problem and does not solve it. It is time for organizations to step back and mature their… Continue reading Understanding Third Party GRC Maturity: Ad Hoc Stage
Policy Management Technology: Separating the Simple from the Advanced
Most organizations are waking up to find their policies in a complete disarray. Over the years policy portals have sprung up across the organization. HR has their portal, IT has… Continue reading Policy Management Technology: Separating the Simple from the Advanced
Michael Rasmussen on GRC value & creating your GRC RFP template
What do you need to include in a GRC RFP? We asked one of the experts in this interview. Enterprise governance, risk, and compliance (GRC) strategies can help organizations across… Continue reading Michael Rasmussen on GRC value & creating your GRC RFP template
From Ad Hoc to Agile: Set Your Course for Third-Party GRC Maturity
This post is an excerpt from GRC 20/20’s most recent research piece, Third Party GRC Maturity Model: A New Paradigm in Governing Third Party Relationships, and upcoming webinar From Ad… Continue reading From Ad Hoc to Agile: Set Your Course for Third-Party GRC Maturity
Defining a Risk Culture: Critical Elements of an Enterprise Risk Management Policy
I am amazed at the number of risk management programs I encounter that lack an organized structure and approach. So often what we know as ERM (enterprise risk management) is… Continue reading Defining a Risk Culture: Critical Elements of an Enterprise Risk Management Policy
