by David Ponder | Jul 25, 2018 | Risk Management
I recently came across a YouTube video post on risk management that piqued my interest. I don’t usually scour social media for risk management posts, but this one claimed to be a controversial stance, as emphasized Risk Management 1 and Risk Management 2 as...
by Andrew Gunter | Jul 17, 2018 | Chief Compliance Officers
Your Compliance team has finally decided to take the plunge and purchase a GRC solution. You have developed an eGRC vision (see last month’s post on creating an eGRC Vision), talked to stakeholders about needs, reviewed Forrester and Gartner’s reports on GRC, have...
by Holly Giammanco | Jul 10, 2018 | Risk Management
Control self-assessments, or CSAs, are where the leaders and supporting teams of business units, departments, or business processes directly engage in an evaluation of the objectives, risks, controls and processes they are responsible for managing. An effective CSA...
by Bryan Johnson | Jul 6, 2018 | Chief Compliance Officers, GRC Implementation
We have helped several organizations implement GRC processes and tools and have seen our fair share of successes and failures. A common thread we see with those who struggle is that and instead of seeing an eGRC software tool as something to bolster their GRC...
by David Ponder | Jun 27, 2018 | Risk Management, SOC Reports
“Dear vendor, your Service Provider’s SOC report doesn’t cover the services you’re providing us. Thank you for providing Amazon’s/Google’s/Microsoft’s SOC 2 report, but can you please provide a SOC 2 report that covers your...
by David Ponder | Jun 19, 2018 | Chief Compliance Officers
Watch a replay of our GRC Strategy Roadmap webinar here with no registration required. In this webinar we discuss what GRC is, why you need a GRC Strategy Roadmap, and how you can leverage a Roadmap to guide through your GRC implementation journey. Wherever you are in...
by Andrew Gunter | Jun 12, 2018 | Chief Compliance Officers
The Chief Compliance Officer’s (CCO) roles and responsibilities at organizations are broad and far reaching. These responsibilities require the CCO to both drive a culture of ethics and compliance, and monitor ethics and compliance activities across the organization....
by Holly Giammanco | Jun 4, 2018 | GRC Implementation
Dramatic changes are happening in the world of risk, and it is imperative that organizations are prepared to identify and proactively respond to these changes. Think about the changes that have occurred in technology in the last five years. Mobile technologies as well as...
by Holly Giammanco | Jul 21, 2017 | Regulatory
In August 2009, The American Institute of CPAs (AICPA) and the Canadian Institute of Chartered Accountants (CICA), with contributions from the Information Systems Audit and Control Association (ISACA) and The Institute for Internal Auditors (IIA) published the...
by David Ponder | Jul 7, 2017 | GRC Implementation
One theme that we experience over and over when working with clients who are implementing or improving Governance, Risk Management, and Compliance (GRC) processes and the eGRC systems that support them, is their overwhelming appetite for “big bang” implementations....