LockPath Ready Summit 2016

[button link=”https://lockpath.com/event/lockpath-ready-summit-2016-10-04/”]Learn More[/button]

[tabs style=”default”] [tab title=”Overview”]

To help your organization learn from the combined experiences of our customers, partners and staff, we’re hosting the 2nd Annual LockPath Ready Summit (LPRS) in October. We are excited to invite users of our Keylight GRC platform, as well as our partners and other industry experts, for two days of workshops, customer presentations, solution showcases, and more.

[/tab] [tab title=”GRC 20/20 Participation”]

GRC 20/20’s, Michael Rasmussen, The GRC Pundit, will be attending this event as an analyst participant.
rasmussenMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

[/tab] [tab title=”Benefits”]

Attendees of LPRS will have the opportunity to:

  • Network with LockPath customers and partners and learn how others are using Keylight.
  • Hear from industry experts in compliance, risk management and IT security.
  • Preview what the future holds for LockPath and Keylight.

Whether you’ve been a LockPath customer for several years or still in the process of implementing Keylight, your organization will benefit from attending LPRS.

[/tab] [tab title=”Who Should Attend”]

  • IT and IT Security Professionals
  • Business Continuity Professionals
  • Audit Professionals
  • Risk Management Professionals
  • Compliance & Ethics Professionals
  • Internal Control Professionals
  • Fraud Analysts & Investigators
  • Legal Professionals
  • Finance and Accounting Professionals

[/tab] [tab title=”Conference Host”]

Screen Shot 2016-02-10 at 2.00.21 PMLockPath was created by GRC experts who recognized the need for intuitive GRC software that was flexible and scalable to serve ever-changing and expanding organizations.

In addition to the company’s founders, LockPath’s executive team comprises top industry professionals in the fields of software development, accounting and consulting, cybersecurity, financial services, market development and other industries. LockPath employs dozens of talented professionals and has several open positions.

LockPath serves a client base of global organizations ranging from small and midsize companies to Fortune 10 enterprises across industries. Along with their ecosystem of technology and channel partners, LockPath provides unparalleled customer satisfaction from initial project discovery discussions to ongoing customer support.

[/tab] [/tabs]

ACL Connections 2016

[button link=”https://lockpath.com/event/lockpath-ready-summit-2016-10-04/”]Learn More[/button]

[tabs style=”default”] [tab title=”Overview”]

Join us for our customer conference this year to experience the biggest releases in ACL history.

[/tab] [tab title=”GRC 20/20 Participation”]

GRC 20/20’s, Michael Rasmussen, The GRC Pundit, will be attending this event as an analyst participant.
rasmussenMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

[/tab] [tab title=”Benefits”]

Conference registration fee includes:

  • Intensive hands-on workshop on Wednesday
  • Access to all conference sessions
  • All meal functions as outlined in the agenda
  • A fun-filled evening’s entertainment on Monday
  • 18 CPE credits

[/tab] [tab title=”Who Should Attend”]

  • Audit Professionals
  • Internal Control Professionals
  • Risk Management Professionals
  • Finance and Accounting Professionals
  • Fraud Analysts & Investigators
  • Compliance & Ethics Professionals
  • IT and IT Security Professionals
  • Business Continuity Professionals
  • Legal Professionals

[/tab] [tab title=”Conference Host”]

ACL-FinalLogo-color-notagACL is a software company with a vision for the future of the Governance, Risk Management and Compliance (GRC) professions: a community of compliance pros, auditors, risk management experts, IT and finance teams who are sought after for the value they deliver to their organizations. Through a unique combination of extreme ease-of-use, cloud delivery and the integration of industry standard risk analytics, ACL’s platform helps people focus more time on identifying and managing the highest-impact risks.

[/tab] [/tabs]

Workiva TEC

The Exchange Community. TEC.

The Exchange Community, or TEC, is the annual Wdesk user conference that brings together users, reporting professionals, and industry thought leaders for three days of networking, best practice sharing, and industry discussions.

[button link=”https://tec.workiva.com”]Learn More[/button]

[tabs style=”default”] [tab title=”Overview”]

The fifth annual Wdesk user conference will be held in San Diego.

TEC brings together Wdesk users, financial reporting professionals, thought leaders, and Workiva employees for three days of intensive Wdesk training and professional development. Attendees will get the chance to network, share best practices, and discuss industry trends all while earning CPE credits. Sessions at The Exchange Community range from advanced XBRL training and trending SEC regulations, to SOX and internal controls audit compliance and risk management practices.

[/tab] [tab title=”GRC 20/20 Participation”]

GRC 20/20’s, Michael Rasmussen, The GRC Pundit, will be attending this event as an analyst participant.
rasmussenMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

[/tab] [tab title=”Benefits”]

  • “The breakout sessions were very instructional and informative. The social events were amazing, and the level of detail was spectacular.”
  • “The conference was very well organized, provided valuable sessions, and great entertainment in the evenings. As a new user, I was continually impressed by the capabilities of Wdesk, and I’m excited to start using it in Q3.”
  • “The Wdesk Lounge was great with the Solution Pods for product demos and the Q&A Bar where I could get specific technical help on my issues.”
  • “The mobile app was hugely beneficial to find the rooms and change around my class choices. I also liked having access to development managers to give my input on future Wdesk features.”
  • “I loved how professionally run the conference was. It really knocked my socks off—probably the most proficiently organized conference I have ever been to.”
  • “What did I like the most? Everything. The execution was extremely thorough from minor details to group sessions. Excellent speakers (Paul DePodesta was great!), fabulous events, and the Wdesk Lounge was a great optional resource. Good schedule too, not too jam-packed but leaves it more up to you how much you want to get out of it. I loved that. I could do as little or as much as I wanted and could really tailor my experience. Awesome.”
  • “The energy was great, the information relevant, staff friendly, networking exceptional! We are already planning for our group to attend next year!”
  • “Excellent! I am full of new ideas and have definitely walked away from the conference much more knowledgeable about the product we are using. Thank you, thank you, thank you!”
  • “I had a great time and it was, by far, the best conference that I have ever attended. I gained a lot (including some new friends) and am already looking forward to next year!”
  • “Great conference and well worth the time away from work to attend.”

[/tab] [tab title=”Who Should Attend”]

The Exchange Community is open to all Workiva customers and prospects. Educational tracks will be available for new and experienced users of all Wdesk solutions and for individuals in all stages of their reporting careers.
Be ready to:

  • Discover best practices
  • Learn from industry thought leaders
  • Experience one-on-one, hands-on training
  • Influence real Wdesk features
  • Network, network, network

[/tab] [tab title=”Conference Host”]

Screen Shot 2016-02-10 at 10.55.14 PMWe started with an idea: make complex collaboration easy.

We’ve been there. As accountants, engineers, and entrepreneurs, we experienced the struggles of using incorrect and untimely data. When we started, reporting was still manual—often involving hundreds of collaborators and many versions before the final draft. With old processes and tools, we were not confident in the quality of our data or reports.

We knew there was a better way, and that’s why we created Wdesk. It’s an all-in-one platform that simplifies complex collaboration while keeping data in sync, thus reducing risk. That’s why it’s already used by thousands of companies around the globe, including over 65% of the Fortune 500.

We have arrived at an inflection point where data is available
at such a scale that analytics can be applied to solve problems and yield real-time results in ways never before possible. IBM Analytics can help developers innovate faster and more securely, help business professionals find a smarter way to work via better problem solving and collaboration, and help enterprises gain deeper insight faster.

[/tab] [/tabs]

IBM Vision 2016

Outthink. Outperform

[button link=”https://www-01.ibm.com/software/analytics/vision/”]Learn More[/button]

[tabs style=”default”] [tab title=”Overview”]

IBM Vision 2016 is the premier global conference for finance, risk management and sales compensation professionals. Over three days, you will experience how IBM cognitive solutions can help you drive profitable growth, manage risk and optimize performance through the latest advances in analytics and cloud. This year’s tracks focus on three key areas including:

  • Governance, Risk and Compliance. See how governance, risk and compliance solutions from IBM help organizations achieve profitable growth and address the increasing demands for regulatory compliance in today’s complex marketplace.
  • Financial & Operational Performance Management. Learn how IBM Business Analytics solutions improve performance reporting and scorecarding, planning, analysis and forecasting, profitability modeling, financial consolidation and regulatory reporting.
  • Sales Performance Management. IBM’s sales performance management solutions improve sales results and operational efficiencies with better management of incentive compensation plans, and smarter administration of sales territories and quotas.

[/tab] [tab title=”GRC 20/20 Participation”]

GRC 20/20’s, Michael Rasmussen, The GRC Pundit, will be attending this event as an analyst participant.
rasmussenMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

[/tab] [tab title=”Benefits”]

At Vision 2016, you will learn how to capitalize on the latest advances in analytics to turn your company into a cognitive business. Along with keynotes from industry thought leaders and real-world case studies from customers and product experts, Vision 2016 offers more than 120 sessions and workshops. You’ll get a first-hand look at the latest innovations in IBM Cognos TM1, IBM Cognos Disclosure Management, IBM Controller, IBM Cognos Sales Performance Management, IBM OpenPages Governance, Risk and Compliance (GRC) solutions, IBM Cognos Business Intelligence, IBM SPSS products and more.

Learn about the key solutions and strategies you need to address challenges that are top-of-mind for chief financial officers, chief risk officers, chief compliance officers and sales compensation professionals in virtually all industries.
Join us, and learn how to:

  • Transform your finance, risk, and sales operations organizations by capitalizing on the latest innovations in cognitive computing, analytics, cloud and other key areas.
  • Build relevant analytical capabilities to drive profitable growth.
  • Use the latest cognitive tools, synthesize information, see trends and deliver insights to improve decision quality.
  • Leverage the cloud to scale your solution platform quickly, while reducing costs.
  • Enhance planning, budgeting, forecasting, reporting, analysis, and internal control, plus risk management, compliance, and sales performance management.
  • Implement best practices developed by leading IBM customers and product experts.

[/tab] [tab title=”Who Should Attend”]

  • Board of Directors & Executives
  • Chief Executive Officers
  • Finance and Accounting Professionals
  • IT and IT Security Professionals
  • Audit Professionals
  • Risk Management Professionals
  • Compliance & Ethics Professionals
  • Internal Control Professionals
  • Business Continuity Professionals
  • Fraud Analysts & Investigators
  • Legal Professionals

[/tab] [tab title=”Conference Host”]

Screen Shot 2016-02-10 at 10.28.23 PM
Each day, we create 4.5 quintillion bytes of data from a variety of sources—from climate information
 to posts on social media sites, purchase transaction records and medical images.  IBM has the world’s most comprehensive portfolio of data and analytics capabilities in the market. Our strategy is to help enterprises across all industries extract new insights from the explosion of available data to drive competitive advantage. IBM delivers a full spectrum of analytics—from descriptive, predictive and prescriptive to cognitive—to turn big data into big insights and reinvent how decisions are made. We also provide talent management and social collaboration solutions powered by workforce science and cognitive analytics capabilities. We also provide talent management and social collaboration solutions powered by workforce science and cognitive analytics capabilities.

We have arrived at an inflection point where data is available
at such a scale that analytics can be applied to solve problems and yield real-time results in ways never before possible. IBM Analytics can help developers innovate faster and more securely, help business professionals find a smarter way to work via better problem solving and collaboration, and help enterprises gain deeper insight faster.

[/tab] [/tabs]

MetricStream GRC Summit 2016

Leading With GRC

[button link=”http://grc-summit.com/#”]Learn More[/button]

[tabs style=”default”] [tab title=”Overview”]

Join us as we bring together experts from the GRC Community to collectively bring to life our vision of ‘Leading with GRC.’

[/tab] [tab title=”GRC 20/20 Participation”]

GRC 20/20’s, Michael Rasmussen, The GRC Pundit, will be participating in this event in the following capacity:

  • Analyst Presentation on Day 2, 11:40a to 12:30p

rasmussenMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

[/tab] [tab title=”Benefits”]

The MetricStream GRC Summit is the premier forum to connect and network with the who’s who of the GRC world including GRC practitioners, thought leaders, and analysts. Over 500 attendees from across 200 companies are expected to attend the 3-day conference.

[/tab] [tab title=”Who Should Attend”]

  • Board of Directors & Executives
  • Chief Executive Officers
  • Finance and Accounting Professionals
  • IT and IT Security Professionals
  • Audit Professionals
  • Risk Management Professionals
  • Compliance & Ethics Professionals
  • Internal Control Professionals
  • Business Continuity Professionals
  • Fraud Analysts & Investigators
  • Legal Professionals

[/tab] [tab title=”Conference Host”]

MetricStream

MetricStream is simplifying Governance, Risk, and Compliance (GRC) for modern and digital enterprises. Our market-leading enterprise and cloud Apps for GRC enable organizations to strengthen risk management, regulatory compliance, vendor governance, and quality management while driving business performance.

[/tab] [/tabs]

2016 East Africa GRC Forum

Creating Governance, Risk and Compliance Capacity for Sustainable Success in Developing Markets

[button link=”http://www.ubcompliance.com/Conferences.html#”]Learn More[/button]

[button link=”http://grc2020.com/wp-content/uploads/2016/02/Agenda-2016.pdf”]Download Agenda[/button]

[tabs style=”default”] [tab title=”Overview”]

This conference has been created specifically for developing market leaders, governance, risk management, and compliance practitioners work in either the public or private sectors (at all levels) or have exposure to these organizations. It aims at creating a capacity in good corporate governance in East African organizations.

East African organizations across various industries today face an increasing challenge of complying with an an every increasing number of regulatory changes, setting up an effective risk management framework and controls, and implementing good corporate governance at all levels. At the 2016 East Africa GRC Forum, we invite board members, CIOs, CAEs, CROs, CISOs, VPs, AVPs, directors, heads and managers of  audit, risk, and compliance, ICT of various organizations to come debate and address a wide range of highly relevant topics from thought leaders, practitioners, experts, and analysts in the region.

You will be joining hundreds of regional governance, risk and compliance professionals from various East African countries at this event that brings together the global best practices, practical solutions, and brightest minds to embrace challenges, forge solutions, and define your future GRC capabilities.

Come jumpstart your GRC program!

[/tab] [tab title=”GRC 20/20 Participation”]

GRC 20/20’s, Michael Rasmussen, The GRC Pundit, is the Conference Chair and Advisory Panel Member. Michael Rasmussen will be make an opening statement to open the program as well as closing comments each day, and will also conduct the following:

  • Building & Implementing an Enterprise Risk Management Framework, Panel Discussion moderated by Michael Rasmussen
  • Keynote Presentation on Day 2 by Michael Rasmussen

rasmussenMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

[/tab] [tab title=”Benefits”]

Personal Gain . . .

  • Experience practical skill. Choosing the sessions that matter most to you and your organization.
  • Interact face-to-face. Gain insights and share ideas at this world-class networking event.
  • Update your knowledge and skills. Earn valuable CPE credits.
  • Exceptional value for your time investment. Receive certification and documentation from every session that can be shared with colleagues.
  • Access to industry experts. Discover tested solutions that work for successful professionals and could work for your organization too.
  • Meet leading vendors. Discover GRC capabilities in GRC solution POC that decrease risk and increase ROI.

[/tab] [tab title=”Who Should Attend”]

  • Board of Directors & Executives
  • Chief Executive Officers
  • Finance and Accounting Professionals
  • IT and IT Security Professionals
  • Audit Professionals
  • Risk Management Professionals
  • Compliance & Ethics Professionals
  • Internal Control Professionals
  • Business Continuity Professionals
  • Fraud Analysts & Investigators
  • Legal Professionals

[/tab] [tab title=”Conference Host”]

Screen Shot 2016-02-10 at 9.41.01 PMUnited Business Compliance is a dynamic and a niche provider for high quality Governance, Risk, Compliance, Information Security, Fraud control and Revenue assurance trainings, seminars and business conferences globally across industries.

[/tab] [/tabs]

Posted on Leave a comment

Making Sense of GRC Related Technology & Solutions

Every organization does GRC (governance, risk management, and compliance), but it does not mean that every organization does GRC well. Complicating this is a maze of GRC technologies. Some are built to solve very specific problems, others focus on department/function wide management of GRC related activities, some are enterprise platforms for a specific purpose (e.g., enterprise policy management, third party management, risk management). And some are Enterprise GRC platforms to try to bring everything together in a single architecture. But then many fail, often watering down GRC to the lowest common denominator and frustrating those in the trenches of business and the back-office of GRC. As a result, many organizations have begun approaching GRC architecture and allowing for a core system to be the hub that integrates with best of breed GRC solutions where they make sense.

Adding to this is the maze of over 800 GRC technology solutions in the market across 17 primary segments of GRC domains with many sub-segments in each. The primary segments are:

  • Enterprise GRC Platforms. Capability to manage an integrated architecture across multiple GRC areas in a structured strategy, process, information and technology architecture (see How to Purchase Enterprise GRC Platforms).
  • Audit Management & Analytics. Capability to manage audit planning, staff, documentation, execution/field work, findings, reporting, and analytics (see How to Purchase Audit Management Solutions & Platforms).
  • Automated Control Enforcement & Monitoring. Capability to automate the detection and enforcement of internal controls in business processes, systems, records, transactions, documents, and information.
  • Business Continuity Management. Capability to manage, maintain, and test continuity and disaster plans, and implement these plans expected and unexpected disruptions to all areas of operation.
  • Compliance Management. Capability to manage an overall compliance program, document and manage change to obligations, assess compliance, remediate non-compliance, and report (see How to Purchase Compliance Management Solutions & Platforms).
  • Environmental Management. Capability to document, monitor, assess, analyze, record, and report on environmental activities and compliance.
  • Health & Safety Management. Capability to manage, document, monitor, assess, report, and address incidents related to the health and safety of the workforce and workplace.
  • Internal Control Management. Capability to manage, define, document, map, monitor, test, assess, and report on internal controls of the organization.
  • IT GRC Management. Capability to govern IT in context of business objectives and manage IT process, technology, and information risk and compliance (see How to Purchase IT GRC Management Solutions & Platforms).
  • Issue Reporting & Management. Capability to notify on issues and incidents and manage, document, resolve, and report on the range of complaints, issues, incidents, events, investigations, and cases.
  • Legal Management. Capability to manage, monitor, and report on the organization’s legal operations, processes, matters, risks, and activities.
  • Physical Security Management. Capability to manage risk and losses to individuals and physical assets, facilities, inventory, and other property.
  • Policy & Training Management. Capability to mange the development, approval, distribution, communication, forms, maintenance, and records of policies, procedures and related awareness activities (see How to Purchase Policy Management Solutions & Platforms).
  • Quality Management. Capability to manage, assess, record, benchmark, and track activity, issues, failures, recalls, and improvement related to product and service quality.
  • Risk Management. Capability to identify, assess, measure, treat, manage, monitor, and report on risks to objectives, divisions, departments, processes, assets, and projects (see How to Purchase Risk Management Solutions & Platforms).
  • Strategy & Performance Management. Capability to govern, define, and manage strategic, financial, and operational objectives and related performance and risk activities.
  • Third Party Management. Capability to govern, manage, and monitor the array of 3rd party relationships in the enterprise, particularly risk and compliance challenges these relationships bring (see How to Purchase 3rd Party Management Solutions & Platforms).

While there is such a breadth of GRC related solutions in the market, many organizations are still encumbered by a labyrinth of chaos in manual processes using documents, spreadsheets, and emails for many of these areas. The disconnected silos of manual GRC processes encumbered with documents, spreadsheets and emails are not sustainable and lead to exposure, failure, and loss. Unfortunately, organizations are quick to react to this and often find themselves neck deep in a GRC platform rollout before thinking through their overall strategy, process, information, and technology needs.

The problem with how many organizations approach GRC (remember, everyone does GRC whether you use the acronym or not) is that it has not been designed properly, particularly when it has been designed around the capabilities of a specific platform. Too often organizations are letting a GRC platform define their GRC strategy instead of letting their GRC strategy shape their GRC platform and architecture. Organizations end up with significant risk gaps within their operating models despite significant investment in ‘leading’ GRC platforms that are scattered and disconnected across the business. This has resulted in a poor return on investment in GRC related projects that fail to drive value or opportunity that GRC transparency should create.

GRC projects fail when:

  • Lack of a GRC strategy and understanding of processes.
  • Letting a GRC solution/platform define your GRC strategy, processes, and information.
  • GRC platforms that under deliver to the range of needs and processes.
  • Trying to meet the needs of departments with a solution that is not flexible that forces everyone to manage GRC to the lowest common denominator.
  • The needs of one department with budget overshadow the needs of other departments.
  • GRC platform implementation that goes over budget and misses deadlines while draining resources.
  • GRC platforms that require extensive and costly build-out to achieve capabilities the organization thought were native in the product.
  • GRC platform that does not integrate well with other systems.

Organizations that have went down the wrong path with a GRC technology strategy may be ready to throw in the towel and call it quits. The truth is the organization can never abandon GRC as it is something every organization does.  It may be done poorly, it may be done well, but every organization does GRC if they call it GRC or something else. While a technology strategy and GRC platform may be scrapped and the organization may retreat to old manual processes, it does not change the fact that the organization has a duty and responsibility for GRC.

There are a couple of key upcoming events to be aware of that can assist organizations on their GRC strategy and the role of technology in that strategy, these are:

  • Findings from the OCEG GRC Technology Strategy Survey. OCEG engages GRC 20/20 to design this survey, analyze the findings, and build the written report. The webcast for this survey is on January 21st.
  • State of the GRC Market Research Briefing. This is GRC 20/20’s flagship Research Briefing that is 2 hours in length and goes into the details of drivers and trends in GRC, market segmentation and forecasting, RFP scopes and trends, and buyer inquiries and what organizations are looking for. This is on February 1st.
  • Enterprise GRC by Design Workshop. This workshop aims to provide a blueprint for attendees on effective enterprise GRC strategies in a dynamic business, regulatory, and risk environment. Attendees will learn enterprise GRC strategies and techniques that can be applied across the organization. The next one is in Rhode Island, CT, USA on February 18th.

Spreadsheets in Financial Control Processes

Also GRC 20/20 is working on a specific research project focusing on the regulatory scrutiny (e.g., SOX) of spreadsheets in financial control processes.  Organizations are facing increased pressures to ensure that they have adequate controls over end user computing controls, particularly spreadsheets. This is very apparent when spreadsheets are used as part of accounting processes. The Public Company Accounting Oversight Board (PCAOB) has requested auditors to increase their focus on ‘System Generated Data and Reports’ driving the application of so-called ‘enhanced audits’ of Sarbanes Oxley (SOX) control processes. This scrutiny is leading to new SOX failings for companies that had previously had no such failings. In particular, these enhanced audits are exposing the role of spreadsheets in context of Internal Control over Financial Reporting (ICFR) and the fact that such spreadsheet controls are often open to manual manipulation.

This survey is intended to gather organization awareness and concern of spreadsheet controls in context of ICFR, audits and PCAOB scrutiny.

[button class=”kopa-button big-button color-button” link=”http://www.surveygizmo.com/s3/2448771/Spreadsheet-Controls” target=””]TAKE SURVEY[/button]