Tag Archives: Jonathan Kitchin

Don’t Let Your Big Data Be a Big Mess

The amount of data we are exposed to, both professionally and personally, is expanding wildly, all while the amount of investment necessary to store this data diminishes. Since storing information is so cheap now, there’s no real disincentive to avoid becoming “data hoarders.” While data hoarding has a lot fewer health risks than knick-knack hoarding, if you don’t manage your inbound data well, you can end up equally overwhelmed and paralyzed when you realize the mess you’ve made. Continue reading

Posted in GRC, GRC Technology Implementation, Risk Management | Tagged | Leave a comment

Don’t Paint Your Core Values Short: 3 Actions for Promoting Ethical Behavior

As a consultant, I’ve stayed in numerous hotel rooms of wide ranging quality. One common thread that connects all hotels, from the lavish Leela Palace of Bangalore to Joe’s Motel of “I booked last minute and just pray it has running water,” is wall art. No matter the location, quality or style of your locale, rest assured that throughout the building and in your room there will be non-descript, non-attention grabbing paintings adding subtle textures to the walls.

Your office may have similar, subtle images across its walls. These images likely have branded colors, invoke a warm message but are often ignored by the people that pass by. Allow me to introduce you to one of the most prevalent types of wall art in corporate life: your company’s corporate values. Continue reading

Posted in Compliance & Ethics, GRC | Tagged | Leave a comment

Sustaining Your GRC Program, After the Fireworks are Over

Firework shows are the ultimate front-loaded project; the type where it’s easy to lose sight of the long-term relationship. For two summers in my early twenties, I was a “Licensed Pyrotechnic Operator” by the Missouri Division of Fire Safety (which, if you know me, is like asking your cat to clean the swimming pool). My job description involved trekking to a variety of rural, hole-in-the-wall communities and assisting a team with blowing up a pre-determined number of explosives, without losing any appendages. After 12 hours of work in the hot sun, the day would end with a brilliant display of color and spectacle. For many teams, the end of the show was their queue to haphazardly tear down the tubes (the launching mechanisms for the fireworks) and get the heck out of Dodge (or Thayer, West Plains, Monett, etc.), all the while high-fiving each other and talking about the great event they just created. I was lucky enough to be assigned to a team that knew better, though. To be a successful fireworks operator, it’s not just about the show.

Sustainability in the fireworks business is about the complete relationship. The person signing the check is typically a city council member or the chair of an oversight committee. The last impression of this stakeholder isn’t the show, but the conditions that are left behind after the show. Was the area cleaned up appropriately? Was trash left behind? Was the team professional and on time? Small town leaders talk; one bad impression can lead to a lack of business, both this summer and beyond. Continue reading

Posted in GRC, GRC Consulting, GRC Technology Implementation | Tagged | Leave a comment

What’s Your Elevator Pitch?

This week marks the anniversary of the birth, and death, of a true American original, Major General George Owen Squier (March 21, 1865 – March 24, 1934). Besides his distinguished service record, Squier was a scholar, holding a Ph.D. from John Hopkins and being an elected member of the National Academy of Science. He was also an accomplished inventor, having discovered a way for the telephone to send multiple messages across a single line (multiplexing). However, the general’s most recognized achievement is one designed to not be recognized at all. Whether you’re shopping, having your teeth drilled or riding in an elevator you’ve likely been exposed to (don’t worry, it’s not contagious) Muzak – a term the general coined himself. Continue reading

Posted in GRC Education | Tagged | Leave a comment

Strategies for Using On-Screen Help to Enhance Your GRC Data

One of the risks you may or may not be tracking within your GRC program is the data quality within your online Governance, Risk and Compliance (GRC) tool. The reports and metrics within your GRC system hinge on the data provided by your end users. Mediocre, or worse, inaccurate data can have far reaching impacts across the enterprise. If you prioritize tasks and make risk and compliance decisions based off the data within your tool, you need to have plans and strategies in place for vetting and reviewing that data. Continue reading

Posted in GRC Technology Implementation, Risk Management | Tagged | Leave a comment