Learn more about how GRC processes and technologies support a more mature and effective business continuity management (BCM) capability.
Fraud affects everyone in the company. It undermines trust and exposes weaknesses in the business. Can you fight fraud with the GRC Assessment Tools? Yes — let me show you how.
Too often, change management in GRC falls short, leading to disruption and lack of support for the critical risk and compliance activities that enable effective governance. The solution is to adopt a risk-based approach to change management.
Perhaps I should be faulted for first discussing (in earlier posts) how risk management and compliance management fit into the new GRC Capability Model before talking about governance. After all, isn’t the “G” in “GRC” the first and most important part of the acronym?
Our friend, James McRitchie at CorpGov.net, posted a book review last week. Anything James recommends is usually a good bet. So, I bought the book, read it, and can recommend it as well.
A high-performing GRC system will always deliver value. Always. The value of a business activity or department directly relates to its contribution to business objectives. For that reason, focusing on measuring GRC activities themselves (risk assessment, policy management, training and communication, or control management, for example) isn’t sufficient. Rather, executives must place a special focus on the desired system outcomes that result from those activities.