Emerging risk or head-in-sand risk? blog
Too many people are getting distracted by so-called emerging risk that is little more than head-in-sand risk. Why? Because most all emerging risks simply aren't new, they are just knew to someone who didn't do a good job of risk evaluation.
What is a "oops"? The risk that was missed.
WYSIATI - Jumping to Conclusions with Limited Evidence blog
Over confidence in our ability to assess risks has led to more mistakes than we care to admit. WYSIATI - "What You See Is All There Is" describes a set of biases that prevents us from becoming better risk managers. Why is this the case? Because we jump to conclusions based on weak evidence and confuse correlation with causation.
SAI Global GRC Software
SAI Global’s GRC Platform provides a flexible software solution to manage and profile risks, compliance obligations, incidents and cases, policies, and learning across the organization. Specific applications include configurations for environmental, health and safety use and for bribery and corruption risk management. A full utilization of SAI Global's software enables integration with SAI Global's Learning & Communication Platform and a single view across highly decentralized global operations. This inevitably results in better use of human capital, reduced costs, increased transparency and improved business results. A partial list of solution components, deployable as standalone elements or integrated, include risk assessment and profiling; obligations management; case and incident management; policy management; registries to manage gifts, hospitality, entertainment, facilitation payments and conflicts of interests; audit management; integration with hotline; and a fully configurable GRC Dashboard that integrates with learning and communication.
- IT.02 - Board and Entity Management
- IT.05 - Compliance Management
- IT.11 - Environmental, Health, and Safety
- IT.14 - Global Trade Compliance/International Dealings
- IT.15 - Hotline/Helpline
- IT.19 - Issue and Investigations Management
- IT.22 - Policy Mgmt, Communication & Training
- IT.23 - Privacy Management
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.28 - 3rd Party/Vendor Risk & Compliance
- (C) Context
- M1. Context Monitoring
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- D2. Notification
- M2. Performance Monitoring
- P2. Codes Of Conduct
- R2. Internal Investigation
- D3. Inquiry
- P3. Policies
- R3. 3rd Party Inquiry & Investigation
- M4. Assurance
- P4. Education
- (O) Organize
- (A) Assess
- (I) Interact
easy2comply Risk Management software
easy2comply Risk Management software solution enables efficient operational/ enterprise risk management in order to improve business processes and performance and simplify regulatory compliance. easy2comply allows you to identify, measure, control and manage operational/ enterprise risk by documenting your processes, risks and controls, accumulating and quantifying loss events, and providing management insight via reports, dashboards, heat-maps, what-if simulations and remediation plans. The software provides a full set of functionality, best practices, built-in work flow and a decision support system for ORM optimization. easy2comply’s unique architecture enables building a common framework and repository for multiple GRC processes, while allowing each individual project to be managed separately according to its own time frame, functionality, methodology and work flow. easy2comply’s singular software architecture provides the technological basis for enabling GRC convergence and a truly integrated GRC framework.
- IT.12 - Finance/Treasury Risk Management
- IT.26 - Risk Management
Regulatory Intelligence by Michael Rasmussen: an Axentis Thought Leadership White Paper resource White Papers Member contributionOCEG Reviewed
"The old paradigm of regulatory change management is clearly a recipe for disaster given the volume, pace of change
CRS, Public Health, Workforce, Quality, and Related Provisions in the Patient Protection and Affordable Care Act (PPACA) (June 2010) resource Research / Studies
Summary: The Patient Protection and Affordable Care Act (PPACA) includes numerous provisions intended to increase the primary care and public health workforce, promote preventive services, and strengthen quality measurement.
Why is GRC important? blog
I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.
BWise, a NASDAQ OMX company Technology Provider
SAI Global Advisory and/or Audit FirmContent ProviderTechnology Provider
