WYSIATI - Jumping to Conclusions with Limited Evidence blog
Over confidence in our ability to assess risks has led to more mistakes than we care to admit. WYSIATI - "What You See Is All There Is" describes a set of biases that prevents us from becoming better risk managers. Why is this the case? Because we jump to conclusions based on weak evidence and confuse correlation with causation.
SAS Enterprise GRC
SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Benefits Demonstrates an effective implementation of the GRC framework. Enhances the quality of decision making across the organization. Reduces the likelihood of unpleasant surprises for all stakeholders. Enhances the efficiency and effectiveness of GRC processes. Reduces risk-related losses. Reduces the risk of regulatory compliance violations. Provides more reliable assurance to stakeholders. How SAS® Is Different Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.). Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems. Reduces cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.
- IT.01 - Audit and Assurance Management
- IT.03 - Brand and Reputation Management
- IT.04 - Business Continuity Management
- IT.05 - Compliance Management
- IT.07 - Control Activity, Monitoring, and Assurance
- IT.16 - Information/IT Risk & Security
- IT.22 - Policy Mgmt, Communication & Training
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.27 - Strategy, Performance, and Business Intelligence
- IT.28 - 3rd Party/Vendor Risk & Compliance
- A1. Identification
- D1. Detective Actions & Controls
- I1. Info Management
- M1. Context Monitoring
- O1. Commitment
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- A2. Analysis
- M2. Performance Monitoring
- O2. Roles
- P2. Codes Of Conduct
- R2. Internal Investigation
- A3. Planning
- D3. Inquiry
- I3. Technology
- M3. Systemic Improvement
- O3. Accountability
- P3. Policies
- C4. Objectives
- M4. Assurance
- R5. Remediation
- P7. Risk Financing
The Maturity of GRC in the Public Sector: Where Are We Today? Where Are We Going? (2010) resource Research / Studies OCEG Reviewed
Author: Anna. D. Gowans Miller, MBA, CPA; AGA CPAG Research Series: Report No. 26 (September 2010)
Future of Finance: Driving Business Value Through Performance of the Finance Function (Ernst & Young, 2010) resource White Papers OCEG Reviewed
Abstract - Finance performance improvement starts with framework. Amid signs of economic recovery, we suggest in "The Future of Finance" that CFOs establish and implement a holistic framework that identifies weaknesses and potential improvements, and which helps enable Finance to be more effective, lower costs and help deliver more value to the bottom line.
USSC, 2010 Federal Sentencing Guidelines Manual resource Agency Guidances OCEG Reviewed
The United States Sentencing Commission (USSC) is an independent agency in the judicial branch of government.
Asian Corporate Governance Association (ACGA) - Singapore Codes and Rules resource Organizations & Associations OCEG Reviewed
Contents and links on this site:
- Laws
- Accounting Standards
- Regulations
- Listing Rules
- Official Codes and Guidelines
Consultation Paper on Corporate Governance Regulations and Guidelines, Monetary Authority of Singapore, March 2010 resource Standards and Guidelines OCEG Reviewed
Consultation Paper P006 - March 2010
Preface: This consultation paper sets out proposed changes to the Banking (Corporate Governance) Regulations 2005 (the “Banking Regulations”) and Insurance (Corporate Governance) Regulations 2005 (the “Insurance Regulations”), collectively termed as the “Regulations” in this paper, and Guidelines on Corporate Governance (the “Guidelines”).
Corporate Governance and Executive Compensation Provisions of the Dodd-Frank Act (July 2010) resource Articles OCEG Reviewed
Harvard Law School Forum on Corporate Governance and Financial Regulation (July 8, 2010)
