1 | Just what is risk appetite and how does it differ from risk tolerance? |
2 | 10 reasons not to like the COSO ERM framework – a discussion with Grant Purdy |
3 | The difference between continuous controls monitoring and the continuous inspection of transaction... |
4 | The essential ingredient to effective risk management: the culture |
5 | How do you evaluate your risk management program? |
6 | A metaphor that explains GRC |
7 | PwC has sound advice on Continuous Auditing |
8 | What is the relationship between Governance, ERM, and Internal Control? |
9 | New guidance on risk appetite and tolerance. I like some parts, disagree with others |
10 | Explaining the value of risk management |
11 | Risk management is not a quarterly exercise. It should be a way of life |
12 | A good argument by EY for improved ERM, but a poor one for GRC |
13 | Risks to watch in 2011 |
14 | Excellent resources for risk (and GRC) professionals |
15 | Is Internal Audit lacking in leadership skills? |
16 | The future of the internal audit profession |
17 | RIMS’ report on ERM standards and guidelines: a recommended read |
18 | Disappointed by the PwC State of the Internal Audit Profession 2011 |
19 | Survey results: how people define GRC |
20 | Where should internal audit report? Should it be to the audit committee? |
21 | Risk-based Continuous Monitoring/Auditing – Developments |
22 | The solutions I would buy for GRC |
23 | Deloitte releases Global Risk Management Survey, on financial services institutions |
24 | What are the top issues for IT governance? |
25 | Continuous auditing that should NOT be performed by internal audit |
26 | KPMG reports major problems in how risk management is understood and practiced |
27 | Should internal audit ‘do SOX’? |
28 | Study reports on the Benefits of Continuous Monitoring |
29 | Questions to ask executives about risk management |
30 | People are the root cause of most risk and control issues |
31 | How many risks should be managed and often should you do so? |
32 | Enabling risk management across the organization |
33 | PwC explains why leading finance functions are 60% more efficient than the average |
34 | What is the state of internal auditing? My opinion |
35 | Advice from McKinsey on board dynamics and practices |
36 | Economist Intelligence Unit report on the maturity of risk and compliance |
37 | A true story of fraud and corporate culture that has implications for us all |
38 | PwC Global Information Security Study |
39 | Goldman Sachs’ 10 Principles of Effective Risk Oversight |
40 | Should the head of the internal audit function also direct the risk management program? |
41 | An effective risk tolerance, appetite, criteria, etc. statement |
42 | PwC reports changes are brewing in the boardroom. Are they enough? |
43 | Response to a guest blog on “What’s wrong with GRC?” |
44 | Does risk management really include the upside of potential events? |
45 | Just what is GRC? Please share your definition |
46 | Aberdeen’s report on risk management includes some interesting materials |
47 | Advice on board oversight of risk management |
48 | We need your comments to upgrade the draft COSO internal control framework |
49 | McKinsey survey shows board practices need improvement |
50 | Deloitte discusses effective board composition |
51 | Which came first, strategy or risk: which is the chicken and which is the egg? |
52 | A new study on “Effective GRC Management: Positioning your company for growth” |
53 | Facts, risks, and opportunities: The explosion of data about us and our companies |
54 | Shining the spotlight on mobile risks and opportunities |
55 | Can directors rely on external auditor to detect material errors in financial statements? |
56 | A discussion of Risk Appetite by thought leaders |
57 | Protiviti study on IT auditing raises more questions than it answers |
58 | Study assesses the cost of a data breach |
59 | There’s a ton of interesting content in Deloitte’s “Tech Trends 2011” |
60 | Chasing user access and SOD problems |