The role of legal is growing in significance as it guides the enterprise beyond putting out the fires of legal matters. It is expanding into a proactive role in legal… Continue reading The Role of Legal & Legal Processes is Changing

What have we learned from 2020? I think all of us have learned quite a bit in both our personal and professional lives. 2020 has stretched us as individuals and… Continue reading Lessons Learned in Compliance Management in 2020

2020 was certainly a year for the history books. While it has been a roller coaster that moves on into 2021 now, it certainly had a lot of impact on… Continue reading GRC 20/20’s 2020 Research Year in Review

At times I can sound like a broken record – repeating myself over, and over, and over, and over again, and again, and again.  One of my prominent soapboxes over… Continue reading Why Spreadsheets, Documents & Emails Fail for GRC

At its core, GRC is the capability to reliably achieve objectives [GOVERNANCE], address uncertainty [RISK MANAGEMENT], and act with integrity [COMPLIANCE]. GRC is something organizations do, not something they purchase.… Continue reading Operationalizing GRC in Context of Legal & Privacy: the Last Mile of GRC

Compliance disclosures are a critical element of an organization’s compliance and ethics management program. The organization requires structured approaches to managing disclosures such as conflicts of interest, and a way… Continue reading Disclosure Management: Comparing Compliance Solutions

One of the greatest challenges to organizations today is managing the extended enterprise; the web of third-party relationships that support the business and its operations. The integrity of the organization… Continue reading A Business Case for Integrated Third-Party GRC Across the Extended Enterprise

Organizational exposure to compliance risk is rising while the cost of compliance soars. Organizations operate in a field of ethical, regulatory, and legal landmines. The daily headlines reveal companies that… Continue reading Delivering on Agile Compliance in Dynamic Business

Accountability is More Than Responsibility There is a difference between accountability and responsibility. An individual or organization can outsource or delegate responsibilities, but one cannot do so with accountability. To… Continue reading Efficiency & Agility in Accountability Compliance – SMCR, BEAR, SEAR, MIC, GIAC

Information governance has become a critical objective for organizations. In the context of the pervasive use of information throughout the enterprise, operational reliance on information, and increased regulation and liability… Continue reading A New Framework for Defining and Approaching Information Governance

It is finally here! For the past year, I have been working hard with OCEG on the Policy Management Illustrated eBook. I have spent countless hours behind Adobe Illustrator working… Continue reading Why Policies, and Policy Management, Matters