I recently re-read a 2006 Harvard Business Review piece by Stephen Wagner and Lee Dittmar entitled The Unexpected Benefits of Sarbanes-Oxley and was impressed again by the authors’ prescient view that more companies would eventually see the business performance value that controls and structures demanded by SOX could provide. Much of what they predicted about the future of SOX compliance is reflected in OCEG’s new illustration on Performance-Driven Sox Compliance Management.
OCEG has a new illustration on Balancing Your Compliance Program that shows the value of having automated workforce compliance management. It’s a great resource showing how to get better results with your employees. But who besides full-time employees are part of the workforce in the current economy?
As a GRC professional or auditor, how do you provide assurance on the GRC capabilities within your organization? Where do you turn?
Two important and, for some, potentially life-changing events took place this month – the release of the new Star Wars movie and New York Governor Cuomo’s announcement of a proposed anti-money laundering and anti-terrorism rule that would impose personal criminal penalties on chief compliance officers who falsely or incorrectly certify that their institution’s Transaction Monitoring and Filtering Program complies with all the requirements of the rule. So what do they have in common? It just might be the need for “the Force.”
Big data is transforming the world of governance, risk management, and compliance (GRC). In the Tech Talk video interview Big Data and GRC, Bruce McCuaig, Director of Solution Marketing for SAP, shares thoughtful stories from his experience as a chief auditor, global consultant, and board member. He also talks about exciting big data technology solutions from SAP.
Governance, risk management, and compliance (GRC) technology can provide big benefits to your organization. What can you expect and where do you start?
Our business context is constantly and rapidly changing. We have to be ready to respond and change our controls, tactics, strategies, and even objectives if need be, to achieve Principled Performance. That is why the concept of “Learn” is the first component in OCEG’s GRC Capability Model. If we don’t stay on top of our game by observing change, analyzing what it means for us and responding appropriately, everything else we do — from risk assessments to action on strategic and operational plans to compliance efforts — will be stagnant and just plain wrong before we know it. Consider the following example.