Latest Pontifications & Thoughts . . .

  • 6 Ways to Create a Repeatable, Scalable Compliance Program

    Compliance programs are critical in ensuring organizations adhere to established regulations, laws, and ethical standards, fostering trust with stakeholders, employees, business partners, and the public. A repeatable and scalable compliance program ensures consistency and efficiency in managing compliance risks across various operational scales and ensures compliance in the context of regulatory/obligation and business change. Organizations……

  • The Chief Risk Officer and The Rhythm of Risk

    Building on my recent blogs Risk Management = No Surprises, and particularly The Chief Risk Officer: The Conductor of the Orchestra of Risk Management, we now pick up on that theme and explore the Chief Risk Officer and The Rhythm of Risk in the business . . .  The concept and term The Rhythm of Risk is……

  • The Chief Risk Officer: The Conductor of the Orchestra of Risk Management

    I am in London this week and next week and always love going to the London Symphony Orchestra or more intimate settings like the baroque performances at St. Martin in the Fields. Navigating the complex and dynamic landscape of organizational risk requires a leader with a keen sense of balance, foresight, and an ability to……

  • Risk Management = No Surprises!

    I am in Sweden this week, where tomorrow I provide a keynote to 102 risk officers and directors at the SWERMA (Swedish Risk Management Association)’s ERM Day 2023. In general, I find the risk management thinking in Europe to be more aligned with the business, whereas, in North America, it is more of a compliance……

  • Cognitive GRC: Revolutionizing GRC With Artificial Intelligence

    As we venture deeper into the digital era, the role of Artificial Intelligence (AI) in Governance, Risk Management, and Compliance (GRC) cannot be overstated. Cognitive GRC (what GRC 20/20 refers to as GRC 5.0: Cognitive GRC) is the intersection of GRC and AI, promising a future where GRC is not just a bureaucratic necessity but……

  • A.I. Governance, Risk Management & Compliance

    Organizations increasingly employ A.I. to enhance efficiency and decision-making processes in the modern business landscape. However, using A.I. presents numerous governance, risk management, and compliance (GRC) challenges that need meticulous attention. Within the scope of an enterprise perspective of GRC is the growing domain of A.I. GRC – the governance, risk management, and compliance over……

  • Building a Business Case & RFP for GRC-Related Software

    I am an analyst; my job is researching the challenges companies face in the context of governance, risk management, and compliance (GRC) and how they solve those challenges with strategy, process, and particularly technology and services. Every week, I answer between 10 and 20 inquiry questions from organizations that want insight into GRC-related solutions and……

  • A Preventative Approach To Achieving Compliance In Healthcare

    In an era where change is the only constant, organizations are being inundated by a deluge of shifts across risk, business, and regulatory dimensions. Each change brings its own complexities and managing them individually, much less collectively, becomes a herculean task. The challenge is two-fold: not only must businesses keep up with these changes, but……

  • Charting the Course: Tackling GRC Challenges in Higher Education Institutions

    Governance, Risk Management, and Compliance (GRC) in higher education presents unique challenges due to the complex, dynamic, and highly regulated environments in which they operate. Crafting a coherent strategy, adopting streamlined processes, and leveraging appropriate GRC technology are paramount to charting a successful risk and compliance course that maintains an institution’s integrity, reputation, and resources.……

  • Ensuring Supplier Risk & Resilience in the Extended Enterprise

    Here are some thoughts stemming from my Third-Party Risk Management by Design Workshop in London last week and other interactions I have had on my research. I am speaking on this topic next week at my Third-Party Risk Management by Design Workshop in Chicago, as well as a webinar on Building Resilient Supply Chains: Strategies……

  • Challenges in Third-Party Risk Management

    The structures and realities of business today have changed. Traditional brick-and-mortar business is outdated: physical buildings and conventional employees no longer define the organization. The modern organization is an interconnected web of relationships, interactions, and transactions that span traditional business boundaries. Layers of relationships go beyond traditional employees, including suppliers, vendors, outsourcers, service providers, contractors,……

  • A.I. GRC: The Governance, Risk Management & Compliance of A.I.

    A.I. presents significant risks to organizations regardless of whether they use the technology. There are potentially enormous reputational risks to an organization when technology like generative A.I. reaches a point where it is impossible to distinguish between actual evidence of corporate bad acts and deep fakes intended to harm the organization. This creates a novel……