Upcoming Events . . .
Latest Pontifications & Thoughts . . .
Pitfalls in GRC Software Selection and RFPs
There is a broad array of governance, risk management, and compliance (GRC) related solutions available in the market. In fact, GRC 20/20 has catalogued and mapped over 800 technology solutions and… Continue reading Pitfalls in GRC Software Selection and RFPs
Increased Pressure to Control Spreadsheets and Documents
Pervasiveness of End User Computing Brings Risk Use of end user computing applications such as spreadsheets, emails, and other document types has revolutionized how technology creates value for organizations. However,… Continue reading Increased Pressure to Control Spreadsheets and Documents
Gartner: Missing the Risk & Compliance (GRC) Target
Gartner, in context of governance, risk management, and compliance (GRC) related research, is ignorant and harmful to organizations that rely on their research publications and advice. In full disclosure, Gartner… Continue reading Gartner: Missing the Risk & Compliance (GRC) Target
Understanding Risk Management Process & Architecture
The risk management strategy and policy is supported and operationalized through a risk management architecture. Organizations require complete situational and holistic awareness of risks across operations, processes, transactions, and data… Continue reading Understanding Risk Management Process & Architecture
Third Party Risk: Gaining Certainty in Global Relationships
One of the greatest governance, risk management and compliance challenges before organizations is managing the web of third party business relationships. Brick and mortar business is a thing of the past:… Continue reading Third Party Risk: Gaining Certainty in Global Relationships
GDPR Compliance Requires a Strategy Supported by Process, Information and Technology
As the years go by, there is increasing focus on the protection of personal information around the world. Over time we have seen US HIPAA, US GLBA, Canada’s PIPEDA, the EU Data… Continue reading GDPR Compliance Requires a Strategy Supported by Process, Information and Technology
Risk Management by Design
The physicist, Fritjof Capra, made an insightful observation on living organisms and ecosystems that also rings true when applied to risk management: “The more we study the major problems of… Continue reading Risk Management by Design
Monitoring and Managing Risk Effectively
Challenge to Boards, Executives, and Risk Management Professionals Organizations take risks all the time but fail to monitor and manage risk effectively. Further, risk management is too often seen as… Continue reading Monitoring and Managing Risk Effectively
Benefits of a Policy & Training Management Strategy and Architecture
The organization requires a policy and training management architecture that is context-driven and adaptable to a dynamic and changing environment. Compared to the ad hoc method in use in most… Continue reading Benefits of a Policy & Training Management Strategy and Architecture
Policy Management Information & Technology Architecture
Policy & Training Management Information Architecture The policy and training management information architecture supports the process architecture and overall policy and training management strategy. With processes defined and structured in the… Continue reading Policy Management Information & Technology Architecture
Compliance Automation: The Role of Technology in Today’s Dynamic Organization
Compliance is not easy. Organizations across industries have global clients, partners, and business operations. Adding to the complexity of global business, today’s organization is dynamic and constantly changing. The modern… Continue reading Compliance Automation: The Role of Technology in Today’s Dynamic Organization
GRC 20/20’s Effective Policy Management Process Lifecycle
The policy and training management strategy and policy is supported and made operational through the policy and training management architecture. The organization requires complete situational and holistic awareness of policies… Continue reading GRC 20/20’s Effective Policy Management Process Lifecycle
