Latest Pontifications & Thoughts . . .

  • Delivering 360° Contextual Awareness of Your GRC Program

    Governance, risk management, and compliance — what we refer to collectively as GRC — is the capability to reliably achieve objectives [GOVERNANCE], address uncertainty [RISK MANAGEMENT], and act with integrity [COMPLIANCE]. Over the past twenty years, we have seen technology evolve and mature to assist organizations in achieving this definition of GRC. This evolution of……

  • Why Third-Party 360° Situational Risk Awareness is Needed Now More Than Ever

    I am a James Bond fan and eagerly anticipate the next James Bond film, “No Time to Die.” Unfortunately, because of the global crisis we all now face, we have to wait until November 2020 instead of seeing it on the big screen this month. While we wait for this next installment in the 007 sagas, we can still learn……

  • Centralizing Compliance and Ethics Communications in a Time of Crisis

    In a time of crisis, like what we face with the global pandemic, centralizing compliance and ethics communications and reporting is critical to streamline interactions, maintain corporate culture and integrity, improve employee morale, and communicate expectations. However, a lot of organizations are finding they are not prepared. Consider that a lot of policies are changing……

  • Being Unprepared for the Crisis Does Not Make it a Black Swan

    I may be going out on a limb and stepping on a lot of toes right now by frustrating some careers and reputations of risk managers. Simply put, this global pandemic/crisis is not a black swan event. I am finding too many GRC and specifically risk management professionals are trying to cover their behinds by……

  • Communicating Policies in a Time of Crisis

    Policies are critical documents in organizations. They define how business is to be conducted as they establish boundaries and expectations for individual and process behavior. Policies enable and intersect all three elements of governance, risk management, and compliance (GRC). It is through policies that are clearly written, communicated and understood, and enforced that the organization……

  • Keep Calm & GRC On!

    These are crazy and uncertain times, but this does not mean governance, risk management, and compliance (GRC) comes to a halt in organizations. It is the opposite: this is the time for strong corporate governance, risk management, and compliance. This is what gets organizations through the crisis and allows them to navigate the chaos. As……

  • Forrester GRC Wave = Tsunami of Confusion

    I feel that I am in an alternate reality. This cannot possibly be the real world. Are we living in a DC multi-verse where there are different GRC technology realities and I am just confused as I woke up in the wrong world? Anyone who has followed me for long knows my frustration with Gartner and the Magic……

  • 360° Control Automation, Monitoring & Enforcement

    Business today is changing minute-by-minute and second-by-second. Processes and technology and their configurations are changing. Employees and their access to systems are changing as new employees are hired, others change roles and have inherited-rights issues, and others leave the organization. Transactions and vendors are changing. The pace of change in business today requires new approaches to……

  • Managing Risk in Dynamic & Distributed Business

    Organizations are dynamic and distributed. They are changing minute-by-minute and second-by-second. That is challenging many risk management programs, but the complexity of distributed business adds further chaos to the organization and makes risk management very complicated. There is no such thing as a brick-and-mortar business; organizations are not defined by employee relationships. Half of an……

  • 7 Habits of a Highly Effective Privacy Compliance Program

    Privacy has become a front-and-center compliance risk in organizations around the world. GDPR (Europe), CCPA (California), APP (Australia), PIPEDA (Canada), PDPO (Hong Kong), APPI (Japan), ECTA (South Africa)…the world of privacy compliance is like a bowl of alphabet soup, yet this list just highlights some of the many privacy regulations bearing down on organizations. The challenge with privacy compliance is……

  • UK SMCR: Trekking Up the Mountain

    The importance of stages. Climbing a mountain like Mount Everest is not done haphazardly. It takes careful planning and an organized route. It also involves breaking the trek up the mountain into stages. One does not simply run up Mount Everest. You climb a mountain like Everest too quickly . . . you die. Tackling……

  • Third Party GRC vs Third Party Risk Management

    Business is No Longer Brick & Mortar Walls. I was recently talking to a global manufacturer about the challenges they face in defining their organization. The challenge is that there are no more brick and mortar walls that define the organization. Their organization, like yours, is a web of third party relationships. In many areas,……