BLOG

Lean Thinking and GRC Program Initiatives

March 30, 2016
Having had a lean manufacturing background in my past has helped me to apply lean thinking concepts to a variety of industry problems no matter whether they are found in the "front office",  the "back office" or at a program level across an enterprise. Our organization has a history of ...more

Predictive Risk Analytics - Technology Landscape

March 30, 2016
Predictive models and analysis are typically used to forecast future probabilities. Applied to business, predictive models are used to analyze current data and historical facts in order to better understand customers, products and partners and to identify potential risks and opportunities for a ...more

Why PRA My Org?

March 30, 2016
Why is a Predictive Risk Analytics (PRA) Initiative so important in driving strategic shareholder value? 1.) Improve critical thinking 2.) Foster a new understanding of how to enhance an individual’s abilities in complex problem solving, and 3.) Strengthen judgment and decision-making These ...more

SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory Guidance

March 30, 2016
SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory Guidance   Release Date: October 20, 2014 Contact: Liz Pierce, 212.313.1173, [email protected]          SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory ...more
Category: Cybersecurity

Driving Video Standards for Knowledge Management

March 30, 2016
Over the past year, I have been heavily researching, the best tools that would allow us, as educators, to drive our knowledge management practice capabilities and consulting practice capabilities to an entirely new level from that achieved in 2014 so that we can produce high quality ...more

Regulatory Compliance for the Small-to-Medium-sized Enterprise (SME)

March 30, 2016
Here's a LinkedIN GRC comment from Sanjay N:, "A lot of the attention is on the Compliance management problems of the larger companies but the challenge for the smaller companies with their limited staff, budgets and bandwidth is perhaps even greater. Cloud based systems probably offer some help ...more
Category: GRC for SME

Vendor / Product Assessment & Recommendations

March 30, 2016
We often assess GRC vendors and their "pure" enterprise-class GRC applications (including applications oriented towards Internal Audit and Security) using a proven process that has a number of mission-critical business objectives associated with the work.The top objectives are to reduce the risk ...more

Contextual Data Will Become Vital

March 30, 2016
I just came across Brenda Boultwood's article for GARP; "How People, Data and Conduct Will Shape Risk Management in 2015". In it she talks about context and the contextual data that concerns our ability to understand the implications of risk. This struck a cord with me because, I see Predictive ...more

PCAOB and SEC are Keeping Watch

March 30, 2016
It's amazing that after 12 years of collective experience with SOX-related audits of Internal Controls over Financial Reporting (ICFR) that companies and external auditors are struggling. Look at this factoid:   Among the Big 4, KPMG’s 46-percent audit deficiency rate follows only EY, ...more
Category: PCAOB and SEC

What comes after Executive Education?

March 30, 2016
Many of us within our GRC community often brainstorm on the best steps to take when a firm is just starting to consider investing in a GRC program initiative or system of record. Our team has seen a lot of responses to this question that range from writing a program charter to investing in a ...more