Upcoming Events . . .
Latest Pontifications & Thoughts . . .
-
An Enterprise Approach to Issue Reporting & Case Management
GRC 20/20 has seen many organizations take an enterprise perspective on aspects of GRC, such as Enterprise Policy Management, Enterprise Third Party Management, and, of course, Enterprise Risk Management. Over the… Continue reading An Enterprise Approach to Issue Reporting & Case Management
-
3 Key Findings from the Policy Management by Design Workshop
Policy management is a crucial component of a larger corporate governance, risk management, and compliance (GRC) program. Adherence to external regulations and instilling employee accountability starts with well-established organizational policies… Continue reading 3 Key Findings from the Policy Management by Design Workshop
-
2019 GRC User Experience Award Nominations
GRC 20/20 is accepting nominations for the 2019 GRC User Experience Awards! Governance, risk management and compliance (GRC) is a part of everyone’s job. Too often we shovel GRC into… Continue reading 2019 GRC User Experience Award Nominations
-
Improving Policies Through Metrics
It is unfortunate that many policies are written and then left to slowly rot over time. What was a good policy five years ago may not be the right policy… Continue reading Improving Policies Through Metrics
-
Policy Management Requires Attention
Policies: A Foundation in GRC Strategies Policies are critical to organizations as they establish boundaries of behavior for individuals, processes, relationships, and transactions. An organization must establish policy it is… Continue reading Policy Management Requires Attention
-
Why it Makes Sense to Manage Retention with Privacy and GDPR
There is increasing focus on the protection of personal identity information around the world. Over the past two decades, we have seen increasing regulations such as US HIPAA, US GLBA,… Continue reading Why it Makes Sense to Manage Retention with Privacy and GDPR
-
GDPR in Third Party Relationships Stretches Resources
As the years go by, there is increasing focus on the protection of personal identity information around the world. Over time we have seen new regulations such as US HIPAA, US GLBA,… Continue reading GDPR in Third Party Relationships Stretches Resources
-
Internal Control Management by Design
Business is complex. Exponential growth and change in regulations, globalization, distributed operations, changing processes, competitive velocity, business relationships, disruptive technology, and business data impedes organizations. Keeping complexity and change in… Continue reading Internal Control Management by Design
-
Critical Capabilities & Considerations for Evaluation of Policy & Training Management Platforms
I get a lot of inquiries from organizations looking for policy management platforms. Some for a department focused need (e.g., IT security, health and safety, Human Resources), others for a… Continue reading Critical Capabilities & Considerations for Evaluation of Policy & Training Management Platforms
-
How Technology Enables Enterprise Risk Management
Risk management fails when information is scattered, redundant, non-reliable, and managed as a system of parts that do not integrate and work as a collective whole. The risk management information… Continue reading How Technology Enables Enterprise Risk Management
-
How to Purchase Policy & Training Management Platforms
Organizations often lack a coordinated enterprise strategy for policy development, maintenance, communication, attestation, and training. An ad hoc approach to policy management exposes the organization to significant liability. This liability… Continue reading How to Purchase Policy & Training Management Platforms
-
GRC Critical Capabilities and Purchasing Considerations
There is a broad array of governance, risk management, and compliance (GRC) related solutions available in the market. In fact, GRC 20/20 has catalogued and mapped over 800 technology solutions and… Continue reading GRC Critical Capabilities and Purchasing Considerations
