Recent Stories

Understanding The Silos In GRC: Systems Of Evidence Vs. Systems Of Knowledge

Understanding The Silos In GRC: Systems Of Evidence Vs. Systems Of Knowledge

The problem of silos within GRC comes down to a conflict between systems of evidence and systems of knowledge.
The State Of GRC: Should We Manage Controls?

The State Of GRC: Should We Manage Controls?

The state of GRC: Are internal controls a manageable dimension of the business and do we understand how to manage them?
Dead Rats In Risk Management: The Myth Of Complexity

Dead Rats In Risk Management: The Myth Of Complexity

Risk management: If business is more complex and managing a business is more difficult, we have failed, not as risk managers, but as control managers.
The State Of GRC: Should We Manage Controls?

The State Of GRC: Should We Manage Controls?

If the risks are the same but they’re happening in more places, then we need to examine our GRC practices.
audit committee

Three Lines Of Defense: Collaboration, Not Segregation

The 3 lines of defense model is essential, but insufficient. Here is what it’s missing.
A New Approach To Risk Oversight: A Lens To Look Through And Levers To Pull

A New Approach To Risk Oversight: A Lens To Look Through And Levers To Pull

Risk oversight requires the ability to differentiate risks in a meaningful way and to develop responses appropriate to the nature of the risk.
Dead Rats And GRC

Dead Rats And GRC

Common in the GRC world, dead rats are random, somewhat mysterious, kind of ugly, undeniable realities. The very presence of a dead rat causes anxiety.
employee training

A Strategic Solution For The Disintegration Of GRC

Governance, risk, and compliance (GRC) requires a strategic approach to address business risks and solutions. We invite your feedback to SAP's new app.
Does The Super Bowl Need SOX?

Does The Super Bowl Need SOX?

Football does have its problems – setting an example for transparency with minimal external regulation. What can the business world learn from the sport?
Why Speed Matters To GRC

Why Speed Matters To GRC

Speed in GRC changes everything. Why haven't we begun to imagine the possibilities, let alone exploit them?