Car Driving Fast

Aligning the Organization for Principled Performance

We all know that keeping a car’s wheels in alignment is essential.  Misalignment causes a lot of problems, from loss of steering control to reduction in the safety and durability of the tires.  In the same way, alignment failures in the GRC capabilities of an organization can knock us off the pathway to Principled Performance, cause us to swerve beyond the boundaries of acceptable operations, use up resources unwisely, and put the organization at risk.

Read more
Yogi words

Yogi Berra’s Words of GRC Wisdom

No one ever accused me of being a baseball fan, but I was a fan of the great Yogi Berra and his way with words. Today, with a sad smile and remembrance, I just want to pay tribute to the man with a nod to how some of his more memorable sayings fit so well into my world; the world of governance, risk management and compliance, or GRC.

Read more

Learning Lessons for Principled Performance

Our business context is constantly and rapidly changing. We have to be ready to respond and change our controls, tactics, strategies, and even objectives if need be, to achieve Principled Performance. That is why the concept of “Learn” is the first component in OCEG’s GRC Capability Model. If we don’t stay on top of our game by observing change, analyzing what it means for us and responding appropriately, everything else we do — from risk assessments to action on strategic and operational plans to compliance efforts — will be stagnant and just plain wrong before we know it. Consider the following example.

Read more
Wash Hands

In GRC, One Hand Washes the Other

Most likely, if you work in the areas of governance, risk management, or compliance, you are already familiar with the “three lines of defense” model that describes risk management in three layers. It’s a good model for understanding how risk is, at some level, everyone’s responsibility, but the discussion needs to go further than most of what I have seen so far.

Read more