Each year, when the World Economic Forum releases its Global Risks Report, I see leaders react in a familiar way. They circulate the visuals, discuss the rankings, highlight what feels immediate,… Continue reading The WEF Global Risks Report 2026: How We Make Decisions, Set Objectives, and Perform with Integrity When Instability Is the Baseline

As we move toward 2026, I find myself increasingly uneasy with how many organizations talk about operational resilience. Not because they are ignoring it, quite the opposite. Most financial institutions,… Continue reading From Readiness to Reality: What Operational Resilience Demands as We Enter 2026

Resilience, When You Don’t Get to Choose the Disruption As 2025 draws to a close, many people around the world are entering a season of reflection. Whether marked by Christmas,… Continue reading Closing 2025 and Reframing Resilience for 2026

For more than twenty years, risk management has been shaped by the gravitational pull of Sarbanes-Oxley. SOX arose from a genuine crisis of trust, and its intentions were honorable: to… Continue reading Risk Management Is Not a SOX Coloring Book: A Call for Risk Management as a Strategic Discipline

Orchestrating Strategic, Objective-Centric, and Operational Risk & Resilience through GRC 7.0 Risk! Risk is our business. That’s what this starship is all about. That’s why we’re aboard her — Captain… Continue reading GPRC for Enterprise Risk Management

In my decades of advising organizations across industries and geographies, one recurring challenge persists: articulating the value of Governance, Risk Management, and Compliance (GRC) in a way that resonates with… Continue reading Building a GRC STORYBOARD for Executive Management to Get Buy-In and Funding

Over the past several years — and particularly throughout this past year — I have observed a profound transformation in how organizations confront uncertainty. The traditional boundaries we once relied… Continue reading Seeing the Risk Landscape Anew: Reflections on Enterprise Risk Intelligence and the Future of Modern GRC

A Structural Break, Not a Cycle By the end of this decade, the governance, risk management, and compliance (GRC) market will be almost unrecognizable. Not because a few new tools… Continue reading Risk Is Our Business: Why the GRC Market of 2030 Will Look Nothing Like Today

Technology does not give you good third-party risk management. Governance does. I’ve said this before about enterprise risk management, but it applies even more profoundly to what we now call… Continue reading Governing the Extended Enterprise: The TPRM Platform I Would Demand

I’ll be exploring this theme in depth at Gameday Ready, London – November 7, 9:00 am–1:00 pm GMT and during the Supplier Risk Resolution Workshop – November 10, 1:00 pm–4:00 pm GMT. Both… Continue reading The Inevitability of Failure: Building Resilience in a World of Uncertainty

Orchestrating Integrity, Performance, and Foresight from the Bridge of the Enterprise The strength of the ship lies not only in its hull or engines, but in how every system —… Continue reading GPRC for Risk, Compliance & Internal Control System

The past several weeks have been a whirlwind of engagement, ideas, and energy — and I wouldn’t have it any other way. Currently, this week is South Africa and continuing… Continue reading Choose Your Own Risk Adventure: From South Africa to a Fortnight in London