Monthly Archives: October 2012
It can’t be Halloween without referencing one of the all-time classics: It’s the Great Pumpkin, Charlie Brown. In homage to Charles Schulz, we thought we’d use the Peanuts gang to help shape a conversation about the individuals you may run across as part of your GRC journey. Our careers are peppered by a variety of colorful – and recurring – characters. See how many of the people from the following list you’ve encountered. Continue reading
A French knight, an Italian math guy and a pair of dice ride into a casino. . .well, maybe that’s not exactly how the story of probability begins, but if I’m going to get you to read something other than the picture caption, I’ve got to grab your attention.
What are the odds your GRC metrics will hold up under scrutiny?
No matter where you work, you’ve likely sat through a meeting that included a statement like, “What gets measured gets done.” This statement is inevitably followed by some new thing to measure that will no doubt allow your team to “exceed stakeholder expectations” or some other amorphous goal – you’ll probably even get to hear the tale of “Company X” and how when they did the same thing it “revolutionized their business.”
It’s easy to fall in love with numeric measurements; they cut through the buzz words and provide something concrete. We put a lot of trust in numbers. However, are our numbers built on assumptions or facts? Continue reading
A few weeks back, I found myself unable to sleep. Lying awake in my bed, my mind raced and my heart pounded as I thought about the meeting that awaited me the following morning. I couldn’t remember being this nervous about any meeting ever. Throughout my career I have found myself presenting to executives, senior managers, auditors, boards of directors, rooms full of strangers, and of course, the supervisors who lorded over my livelihood, and yet I had a sinking feeling that none of these situations could have prepared me for the challenge I was about to face:
How do I explain the life of a GRC professional to a room full of first-graders? Continue reading
If I showed you a picture of a Sasquatch or a Unicorn, chances are you would be able to identify them almost immediately. That is to say that nearly everyone knows exactly what they are even though they haven’t been proven to exist. Now don’t get me wrong, I’m not here to discuss my harebrained theories on Bigfoot and Unicorns. . . I’ll save that for another blog post. Continue reading
Speaking for the overall OrangePoint team, we are excited to join the ongoing, and seemingly never ending, governance, risk and compliance (GRC) conversation. While the term GRC wasn’t coined until this century, the concepts and essence of the idea have been around for a long time. Acronyms come and go, marketing buzz words rise and fall, but the “capability to reliably achieve objectives while addressing uncertainty and acting with integrity” (OCEG) is an idea that will persevere. Continue reading