May 23, 2013

Governance, Risk and Compliance


In response to several comments recently received by our staff on the topic of GRC, this posting will address related questions such as: (1) Why are organizational compliance and risk requirements becoming more complex? (2) Where does corporate culture fit into a risk management program? (3) How do you know, or measure, that risk management programs are performing? And finally, (4) How do you get all of your organization's players on the same page regarding how to handle these risk issues? To best offer that response, our staff would like to direct you to several related …

COBIT 5 Governance and Enterprise IT Framework Released by ISACA


For those readers who are members of organizational governance, risk and compliance (GRC) committees and/or information security / risk management teams, a posting recently released by the Information Systems Audit and Control Association (ISACA) is worth adding to your group's reading resource library. This new version of COBIT promotes seamless continuity between an enterprise's IT department and its overall business goals, and represents a major evolution of the globally accepted framework that has been in use for more than 15 years. According to ISACA, COBIT 5 can be …

Risk Awareness Concerns and Organizational Risk Management System Potential Integration(s)


By: Lisa DuBrock, CPA, CBCP, MBCI

Recently, in an article entitled "New ISO IEC 20000-1: Alignment with ISO 27001", Subrata Guha makes the point that, "… since ISO 20000-1 and ISO 27001 are so closely linked, there is a strong argument that these two standards should be implemented as a single management system – and, that the new release of ISO 20000-1 makes this process easier than ever before." I contend that the melding of those two standards is certainly an excellent idea, especially since some well-defined areas such as incident management, change …

Governance, Risk and Compliance Remain a Critical Component of Total Shareholder Value

Most experienced business continuity and risk management professionals are well aware of the significant role that corporate culture and governance play in an organization's success in managing risk and meeting its customer satisfaction objectives. But all too often, many others have to be reminded of this important relationship. Similarly, economic market forces directly tie the shareholder value of an organization to how well or how poorly it meets those objectives. Ignoring this important dynamic can often be a costly mistake organizations want to …

 