Latest Pontifications & Thoughts . . .

  • The Rise of GRC Architecture in GRC 3.0

    Moving Beyond the GRC Platform to GRC Architecture. Business is complex. Gone are the years of simplicity in business operations. Exponential growth and change in regulations, globalization, distributed operations, changing processes, competitive velocity, business relationships, disruptive technology, legacy technology, and business data encumber organizations of all sizes. Keeping this complexity and change in sync is……

  • Where does conflict minerals fit into your broader 3rd party GRC strategy?

    The 3rd Party GRC market is the fastest growing segment of the GRC market. The pressures are many: social accountability/international labor standards, quality, environmental, health and safety, privacy, information security, credentialing, code of conduct, geo-political and operational risk. An organization's vendors, suppliers, outsourcers, agents, service providers, contractors, consultants, temporary workers . . . it is……

  • How Do I Achieve Effective, Efficient, & Agile Conflict Mineral Compliance?

    The specific obligation of the Conflict Mineral Rule is to gather information about the use and source of 3TG in products and report to the SEC (and on the organization's website). As with other significant regulations with a far reach (e.g., Sarbanes Oxley), there is a lot of confusion out of the gates. This includes……

  • Growing Risk Exposure in Business Relationships

    This is part 1 in GRC 20/20's series of posts on Conflict Mineral Compliance and broader 3rd Party GRC . . .  No company is an island unto itself: organizations are a complex and diverse system of business relationships. Governance, risk management and compliance (GRC) challenges do not stop at traditional organizational boundaries. Organizations today……

  • About GRC 20/20

    About GRC 20/20 Research, LLC. 20/20 vision is perfect clarity in sight: clarity to see and process surrounding context and achieve situational awareness, to observe the world around you, be aware of risks, and react accordingly. Clarity of Governance, Risk Management & Compliance: GRC 20/20 Research, LLC (GRC 20/20) provides clarity of insight into……

  • Research Terms & Conditions

    These terms and conditions govern the use of GRC 20/20 Content (content includes, but is not limited to: website, research, intellectual property, and information in all forms). If you have any questions please email [email protected].

  • Characteristics of GRC 3.0

    In the previous post I reviewed the history of GRC. In this post we examine the characteristics of GRC 3.0. REMEMBER: every organization does GRC. You may not call it GRC but your organization has some approach to governance, risk management, and compliance. The question is how mature is the organization's approach. The definition of……

  • ISO31000 and GRC: complementary?

    The ISO 31000 standard proposes a structured approach for any risk management program to include the vocabulary, principles, framework and process for the management of risk. GRC typically encompasses activities such as corporate governance, risk management and corporate compliance with applicable laws and regulations. What are the differences and what is the added value of each……