Most organizations fail to manage the lifecycle of policies. This results in policies that are out of date, ineffective, and not aligned to business needs. It further opens the… Continue reading Defining a Policy Management Lifecycle

  We now turn our attention back to my series on Effective Policy Management & Communication. In the previous posting we looked at the disarray and chaos of how policies… Continue reading Policies, Done Right, Articulate Culture

Business is complex and dynamic, and requires agility to stay competitive. Market leadership requires the organization be quick to respond to changing conditions – to pause means loss. Governance, risk,… Continue reading The Value of a Common Architecture for GRC Platforms

When you think you have heard everything . . . One of the attendees at the San Jose GRC Fundamentals, Strategy, and Technology Bootcamp today shared an interesting conversation she… Continue reading Wanted: GRC Psychologist

The San Jose GRC Fundamentals, Strategy, & Technology bootcamp is underway with terrific interaction. The bootcamp is comprised of implementers of large down to medium sized organizations, professional service firms,… Continue reading Top GRC Questions & Issues

2010 is proving to be an interesting year for the reorganization of the GRC space. It kicked off with the public announcement of the EMC/RSA acquisition of Archer Technologies. Shortly… Continue reading BPS & Resolver – Synergetic Merger

I just passed the Certified Compliance & Ethics Professional (CCEP) exam from the Society of Corporate Compliance & Ethics (SCCE). While I meant to do this years a go –… Continue reading CCEP – Certified Compliance & Ethics Professional

  Policies are a critical component of a GRC strategy – but often the most overlooked or neglected component. It amazes me the number of companies I go into that… Continue reading Corporate Policies in Disarray and Chaos

  Over the past few months we have explored together the various components of my GRC Reference Architecture. This embodies the technology end of my broader GRC EcoSystem – which… Continue reading GRC Reference Architecture: Industry, Geographic, & Technology Views

  Happy New Year! I trust that 2010 will bring you success and direction in your personal and professional life. First I need to state a deep thank you to… Continue reading 2010 GRC Research Agenda & Education

For the past two years Archer Technologies has been a disruptive force in the GRC market. They have been going strong in the IT/information security segment of GRC for several… Continue reading EMC/RSA Acquisition of Archer: 1 + 1 = 3

  The following is an abstract from my latest research piece “Enhancing Business Performance through Risk Management“ While the market seems eager to grasp onto the phrase “risk intelligence,” it… Continue reading Enhancing Business Performance through Risk Management