In risk-intensive businesses like the energy sector, a new risk analysis and description methodology has become more and more popular: Bow Tie diagrams. The success of this diagram lies in its clear structure and simplicity, which make it easy for the non-specialist to understand while still offering sufficient depth for an expert discussion.
Regulations, ethics, and integrity are challenging the organization like never before. Governments are increasing scrutiny of organizations, stakeholders demand transparency, clients want assurance the organization is reputable and upholds their values, and business partners require commitments to compliance and ethics.
The distributed and dynamic nature of business makes ethics and compliance a challenge. How does an organization validate it is current with legal, regulatory, and other obligations within an ever-changing business environment? Global compliance in the context of a complex and dynamic business environment is particularly challenging as organizations face broadening anti-corruption laws and regulations. Ultimately, the best offense is a good defense.
Organizations today face unimaginable challenges as they do business in an increasingly complex global marketplace. They need to step back, get a good look at the challenges and develop an integrated approach to ensuring effective governance, managing risks, and optimizing performance while addressing compliance requirements throughout the enterprise. The result: what OCEG calls Principled Performance®.
The mismanagement of policies has grown exponentially within organizations with the proliferation of collaboration and document-sharing software such as Microsoft SharePoint. These solutions, to their credit as well as their downfall, enable anyone to post a policy. Organizations end up with policies scattered on dozens of different internal Web sites and file shares, with no defined audit trails or accountability for them.
Organizations face a complex environment of risk, internally and externally. Geopolitical, financial/treasury, economic, operational, legal, and regulatory environments produce compound risks for organizations to manage. Many organizations are learning that these risks often interrelate to create a much larger risk environment than each independent silo is aware of.
Effective governance, risk management, and compliance (GRC) delivers the ability to meet requirements, achieve human and financial efficiency, and meet the demands of a dynamic business environment that requires agility. It eliminates silos of risk and compliance that emerge from parts of the organization that have historically worked independently of each other.