Upcoming Events . . .
Latest Pontifications & Thoughts . . .
-
Case Management: Benefits of Case Management Software
Over the past several weeks, I have been exploring the challenges and strategic approaches and processes for issue reporting and case management. Previous posts include: Challenges in Issue Reporting & Case Management Components of an Effective Incident/Case Management Process With processes defined and structured the organization can now define the information architecture needed to support……
-
Governance, Risk Management and Compliance of Third Party Relationships
One of the greatest challenges upon organizations today is governing third party relationships, particularly the risk and compliance aspects of these relationships. Organizations today are dynamic, distributed, and face constant disruption and this is exponentially impacted by the number and variety of third party relationships in an organization. Consider that over half of many organizations……
-
GRC Innovation, Simplicity & Directions
It has been stated that: Any intelligent fool can make things bigger, more complex and more violent. It takes a touch of genius – and a lot of courage to move in the opposite direction.[1] A primary directive of GRC 4.0 is to provide GRC processes and information that is innovative, contextually intelligent, assessable, an……
-
GRC 4.0 – the Next Generation of Cognitive GRC Technology
For those that follow my research, governance, risk management, and compliance (GRC) is something every organization does though not every organization does well. Every organization has some approach to GRC whether they call it GRC or something else. Many do not have a name for it. It can be an unstructured, reactive, non-integrated, fire fighting……
-
Components of an Effective Incident/Case Management Process
Distributed and dynamic business requires the organization to take a strategic approach to issue reporting and case management. Organizations require complete situational and holistic awareness of issues, incidents, investigations, and cases across business operations and processes. This is best approached through structured and accountable processes enabled through an integrated information and technology architecture for issue……
-
Challenges in Issue Reporting & Case Management
The Best Laid Plans of Mice and Men . . . Organizations today are distributed and dynamic. With the globalization of business, organizations find that governance, risk management, and compliance (GRC) has become complex; crossing departments, jurisdictions, geographies, and cultures. The modern organization is a complex web of employees, suppliers, vendors, contractors, consultants, agents, and……
-
GRC in Crisis
The world around us is in a state of alarm. Hurricane after hurricane hits the Gulf of Mexico and Caribbean. Devastating earthquakes have hit Mexico. Geo-poltical tensions are playing themselves out in the United Nations and the news. A massive data security and privacy breach at Equifax. My home state of Montana (yes, I live……
-
GRC Archetypes: Compliance & Ethics Management
Compliance and ethics has become a significant challenge for organizations across industries, geographies, and business boundaries. It is inundated with challenges such as anti-bribery and corruption, market conduct, conflict of interests, third party (e.g., vendor/supplier) compliance, code of conduct, and more. Organizations are struggling to deal with the pace of regulatory change. Not only from……
-
GRC Archetypes: Policy Management
Policy management is the capability to establish, manage, monitor, and enforce policies to reliably achieve objectives, while addressing uncertainty, and act with integrity across the organization (adapted from the OCEG GRC definition). Policies are critical to the organization to establish boundaries of behavior for individuals, processes, relationships, and transactions. Starting at the policy of all policies –……
-
GRC Archetypes: Third Party Management
Third party management is the capability to reliably achieve objectives, while addressing uncertainty, and act with integrity in and across the organizations third party relationships/extended enterprise (adapted from the OCEG GRC definition). Brick and mortar business is a thing of the past: physical buildings and conventional employees no longer define an organization. The modern organization……
-
Diary of a Wimpy GRC Solution
I understand what it is like to be the underdog. In grade school and junior high I was the target to be picked on. The scrawny emotional kid that was an easy target. Things changed. In high school my Viking Danish DNA caught up and I became a more forbidding obstacle to be a target……
-
Three Lines of Defense: Enabling High Performing Organizations
Like battling the multi-headed Hydra in Greek mythology, redundant, manual, and uncoordinated governance, risk management, and compliance (GRC) approaches are ineffective. As the Hydra grows more heads of regulation, legal matters, operational risks, and complexity, scattered departments of GRC responsibilities that do not work together become overwhelmed and exhausted and start losing the battle. This……
