OCEG has a new illustration on Balancing Your Compliance Program that shows the value of having automated workforce compliance management. It’s a great resource showing how to get better results with your employees. But who besides full-time employees are part of the workforce in the current economy?
Poor GRC information waste resources and time — and may be increasing risk to your business. The answer is a four step structured approach to identifying, sharing and analyzing GRC information.
Too often, change management in GRC falls short, leading to disruption and lack of support for the critical risk and compliance activities that enable effective governance. The solution is to adopt a risk-based approach to change management.
Is your policy management system keeping pace with your workforce? We’re not living in the 1950’s or the 1990’s for that matter – times have changed. Your policy management needs to keep up. Organizations need to provide engaging, interactive, and interesting policy management content and tools.
What’s at the core of GRC technology? According to Joe DeVita, Partner & GRC Technology Leader, PwC, successful GRC technology must align, automate and integrate business processes.
Huge anti-corruption fines. A focus on corporate conduct. Globalization. Each of these trends has put a lot of pressure on third party management programs. In the OCEG Tech Talk, “Anti-Corruption and Technology,” Ken Kurtz, Dennis Haist, and Tony Charles from STEELE CIS share insight and advice on managing anti-corruption in third party relationships.
“It’s common to see billion dollar fines instead of million dollar fines.” A scary but real fact in regulatory compliance enforcement. Andrew Neblett, SVP, Thomson Reuters discusses these issues in the Tech Talk video interview “Regulatory Monitoring and Intelligence.”
Most likely, if you work in the areas of governance, risk management, or compliance, you are already familiar with the “three lines of defense” model that describes risk management in three layers. It’s a good model for understanding how risk is, at some level, everyone’s responsibility, but the discussion needs to go further than most of what I have seen so far.
Forty years ago today, committees in the House and Senate of the U.S. Congress were contemplating what eventually became the Government in the Sunshine Act, a seminal piece of legislation meant to increase transparency of government action.
Since I posted an outline of where Risk Management resides in Version 3.0 of OCEG’s GRC Capability Model recently, I’ve been getting requests from compliance officers to show them exactly where compliance management is in the Model. And again, the answer is everywhere.