Archive | GRC RSS feed for this section

GRC Professional Survey

The folks at the Open Compliance & Ethics Group have been developing a professional education and certification program for governance, risk management and compliance professionals. Basically, it’s a program that helps to build on existing credentials and “round out” an executive’s skills so that they are more effective at integrating all of these processes (e.g., […]

Read full story · Comments { 0 }

The 2010 OCEG GRC Achievement Awards Presentation

The Open Compliance and Ethics Group will recognize the great strides that many organizations have made in improving and integrating their approaches to governance, risk management, and compliance. The winners were: Best Buy – Ethics blog for employees Capital One – GRC implementation Carnival Corporation – Integrated approach to GRC Management Direct TV- Embedding spreadsheet […]

Read full story · Comments { 0 }

Compliance and Solitaire

Compare playing solitaire on your computer against using a deck of cards to play solitaire. The computer won’t let you cheat. You can’t put the card on a stack if it doesn’t belong on that stack. The rules are embedded in game’s software. Ultimately, that should be one of the goals for compliance. You want […]

Read full story · Comments { 0 }

Self-Assessments: Criteria and Procedures for Evaluating GRC Programs

My notes, live, from Self-Assessments: Criteria and Procedures for Evaluating GRC Programs, with Gracie Fisher Renbarger, Chief Ethics and Compliance Officer of Dell; Nan Stout, Vice President Business Ethics of Staples; and Carole Stern Switzer, President of OCEG. Carole started off with two observations: Designing, implementing, and improving a governance, risk management and compliance (GRC) […]

Read full story · Comments { 1 }

Tips for Getting Your GRC Program Running Quickly

Mike Hoefgen of CA put together some Tips for Getting Your GRC Program Running Quickly. Even if you do not put your compliance program into the GRC archetype there are some useful thoughts. It is not a project. GRC / compliance is an on-going business process. I encountered this when I was in knowledge management. […]

Read full story · Comments { 0 }

GRC Predictions for 2009

Sumner Blount of CA has published his GRC Predictions for 2009. Risk will continue to grow in importance. Risk and compliance initiatives will continue to be consolidated. A shift in how risk is perceived and categorized. Continued regulatory requirements.

Read full story · Comments { 0 }

IT for GRC: Improving Information Quality

Carole Switzer, President of OCEG and Lee Dittmar, principal of Deloitte Consulting LLP presented this webinar. There is an imperative to improve governance, risk management and compliance processes to better manage risk, address increasing regulatory requirements, increased executive accountability and the fragmentation of information. It is about getting the right information, to the right person, […]

Read full story · Comments { 0 }

Policy Lifecycles

Sumner Blount of CA puts together his thoughts on the lifecycles of policies:Policy Lifecycles: The Foundation for a Unified GRC Approach. As you can easily see, it’s a constant feedback loop, where policies are devised, controls are created and tested, and risks adjusted based on the success of those controls.

Read full story · Comments { 0 }

A Unified Approach to GRC

A participated in a webinar by Carole Stern Switzer of OCEG and Sumner Blount of CA, Inc. on Unified Governance, Risk and Compliance. Governance – the culture, policies, processes, laws and institutions the define the structure by which companies are directed and managed. Risk – the effect of uncertainty on business objectives. Compliance – The […]

Read full story · Comments { 0 }

Ethics as a Business Process

Adam Turteltaub wrote Ethics as a Business Process for the fall 2005 edition of GRC 360. Forward-looking companies are seeking to evolve business from soft art to hard science as a means to win in the marketplace, improve competitive advantage, achieve higher market valuations, ensure employee retention, foster fruitful partnerships and strengthen customer satisfaction. . […]

Read full story · Comments { 0 }