The folks at the Open Compliance & Ethics Group have been developing a professional education and certification program for governance, risk management and compliance professionals. Basically, it’s a program that helps to build on existing credentials and “round out” an executive’s skills so that they are more effective at integrating all of these processes (e.g., [...]
Archive | GRC RSS feed for this section
The 2010 OCEG GRC Achievement Awards Presentation
The Open Compliance and Ethics Group will recognize the great strides that many organizations have made in improving and integrating their approaches to governance, risk management, and compliance. The winners were: Best Buy – Ethics blog for employees Capital One – GRC implementation Carnival Corporation – Integrated approach to GRC Management Direct TV- Embedding spreadsheet [...]
Compliance and Solitaire
Compare playing solitaire on your computer against using a deck of cards to play solitaire. The computer won’t let you cheat. You can’t put the card on a stack if it doesn’t belong on that stack. The rules are embedded in game’s software. Ultimately, that should be one of the goals for compliance. You want [...]
Self-Assessments: Criteria and Procedures for Evaluating GRC Programs
My notes, live, from Self-Assessments: Criteria and Procedures for Evaluating GRC Programs, with Gracie Fisher Renbarger, Chief Ethics and Compliance Officer of Dell; Nan Stout, Vice President Business Ethics of Staples; and Carole Stern Switzer, President of OCEG. Carole started off with two observations: Designing, implementing, and improving a governance, risk management and compliance (GRC) [...]
Tips for Getting Your GRC Program Running Quickly
Mike Hoefgen of CA put together some Tips for Getting Your GRC Program Running Quickly. Even if you do not put your compliance program into the GRC archetype there are some useful thoughts. It is not a project. GRC / compliance is an on-going business process. I encountered this when I was in knowledge management. [...]
GRC Predictions for 2009
Sumner Blount of CA has published his GRC Predictions for 2009. Risk will continue to grow in importance. Risk and compliance initiatives will continue to be consolidated. A shift in how risk is perceived and categorized. Continued regulatory requirements.
IT for GRC: Improving Information Quality
Carole Switzer, President of OCEG and Lee Dittmar, principal of Deloitte Consulting LLP presented this webinar. There is an imperative to improve governance, risk management and compliance processes to better manage risk, address increasing regulatory requirements, increased executive accountability and the fragmentation of information. It is about getting the right information, to the right person, [...]
Policy Lifecycles
Sumner Blount of CA puts together his thoughts on the lifecycles of policies:Policy Lifecycles: The Foundation for a Unified GRC Approach. As you can easily see, it’s a constant feedback loop, where policies are devised, controls are created and tested, and risks adjusted based on the success of those controls.
A Unified Approach to GRC
A participated in a webinar by Carole Stern Switzer of OCEG and Sumner Blount of CA, Inc. on Unified Governance, Risk and Compliance. Governance – the culture, policies, processes, laws and institutions the define the structure by which companies are directed and managed. Risk – the effect of uncertainty on business objectives. Compliance – The [...]
Ethics as a Business Process
Adam Turteltaub wrote Ethics as a Business Process for the fall 2005 edition of GRC 360. Forward-looking companies are seeking to evolve business from soft art to hard science as a means to win in the marketplace, improve competitive advantage, achieve higher market valuations, ensure employee retention, foster fruitful partnerships and strengthen customer satisfaction. . [...]
Subscribe
You can keep coming back to this website, but we can notify you when there is a new story if you Subscribe.
