GRC Journal | GRC Blog
- If IT Policies Could Talk
Ask a CIO to tell you about their compliance challenges and he'll talk in terms of information systems. Ask the CFO or General Counsel they'll talk... - Compliance Never Rests - Can You?
I was through my second cup of coffee this afternoon when the coffee buzz hit my head. It provided the desired effect that enabled me to zoom through the rest of the day, but... - Attention Compliance and Risk Officers: Are You Giving Your Board of Directors What It Needs?
In the years since the Sarbanes-Oxley act was enacted, much focus has been put on the role of the Board of Directors. For most organizations this has resulted in significant changes... - Integrate the Three P's of Compliance and Risk Management: Policies, Process, and People
"Internal control is effected by people. It's not merely policy manuals and forms, but people at every level of an organization." - The View from the 12th Annual Money Laundering Conference
I am wearing the green here at the 12th Annual Money Laundering conference in Hollywood Florida... - Does Your PCI DSS Stand on Sound Policies and Processes?
Last week I attended a two-day PCI DSS seminar at Visa in Foster City taught by PCI expert Chris Mark. - Is AML Compliance the First Step to GRC Nirvana?
While I was researching the anti-money laundering (AML) landscape I found two great articles by experts put AML in a larger frame of Enterprise Governance. - GRC doesn't have to mean Govern Randomly with Chaos...
...that is, not if you take an integrated, top-down view of governance, risk and compliance management.