Articles about: GRC


SOX Redux – An Opportunity for a Fresh Look

I recently re-read a 2006 Harvard Business Review piece by Stephen Wagner and Lee Dittmar entitled “The Unexpected Benefits of Sarbanes-Oxley” and was impressed again by the authors’ prescient view that more companies would eventually see the business performance value that controls and structures demanded by SOX could provide. Much of what they predicted about the future of SOX compliance is reflected in OCEG’s new illustration on Performance-Driven Sox Compliance Management.


May the Force be With You on the Path to Principled Performance

Two important and, for some, potentially life-changing events took place this month – the release of the new Star Wars movie and New York Governor Cuomo’s announcement of a proposed anti-money laundering and anti-terrorism rule that would impose personal criminal penalties on chief compliance officers who falsely or incorrectly certify that their institution’s Transaction Monitoring and Filtering Program complies with all the requirements of the rule. So what do they have in common? It just might be the need for “the Force.”


Learning Lessons for Principled Performance

Our business context is constantly and rapidly changing. We have to be ready to respond and change our controls, tactics, strategies, and even objectives if need be, to achieve Principled Performance. That is why the concept of “Learn” is the first component in OCEG’s GRC Capability Model. If we don’t stay on top of our game by observing change, analyzing what it means for us and responding appropriately, everything else we do — from risk assessments to action on strategic and operational plans to compliance efforts — will be stagnant and just plain wrong before we know it. Consider the following example.
