Recent Stories

Why Speed Matters To GRC

Why Speed Matters To GRC

About five years ago, I was sitting beside a pool in Palm Springs while on a winter vacation when my phone rang. It was one of…
Everything I Know About Key Risk Indicators I Learned In Middle School

Everything I Know About Key Risk Indicators I Learned In Middle School

A number of years ago, while living near Houston, Texas and working for a major oil company as an audit director, I joined the local volunteer fire department…
dead rat

Dead Rats In Risk Management

It seems that almost every day I read blogs or articles in professional journals lamenting the fact that business executives aren’t supporting risk management initiatives in their business or not consuming the reports and conclusions of their risk…
GRC quiz

Dead Rats And GRC

GRC Quiz: Please select the best answer: 1. A flight attendant in a commercial airliner notices smoke coming from the stove in the rear galley. He is trained to: a. Immediately contact the pilot and report a “material…
GRC Strategy Quadrant: Understanding Type D Risks

GRC Strategy Quadrant: Understanding Type D Risks

There’s nothing new about classifying risks by category – strategic risk, operational risk, and so on. But I’m suggesting the strategy for managing risks is dramatically different for each section…
GRC Strategy Quadrant: Understanding Type C Risks

GRC Strategy Quadrant: Understanding Type C Risks

There’s nothing new about classifying risks by category – strategic risk, operational risk, and so on. But I’m suggesting the strategy for managing risks is dramatically…
key in a lock representing the grc strategy quadrant

GRC Strategy Quadrant: Understanding Type B Risks

In a recent blog, I illustrated a GRC Strategy Quadrant that I think can be used to tailor risk management strategies to different types of risks. A better way to classify risks There’s nothing new about classifying risks…
project leader reviews business intelligence methodology

GRC Strategy Quadrant: Type A Risks Explained

In a recent blog, I illustrated a GRC Strategy Quadrant that I think can be used to tailor risk management strategies to different types of risks. A better way to classify risks There’s nothing new about…
Risk-Driven GRC Oversight

Risk-Driven GRC Oversight

Risk management continues to fall short of expectations. Surveys show boards and senior executives believe risk management is important, but also reflect an overwhelming dissatisfaction with the…
Driving Value With Risk Management

Driving Value With Risk Management

Real success for risk management can only come from creating value. Yet risk management practices have largely failed the value add test. Defining value What drives value in your business? To find out, you need to learn how equity analysts…