Speaking Abstracts

Corporate Integrity is prepared to deliver presentations on GRC related topics such as . . .

  • Establishing and Protecting Corporate Integrity. Governance, enterprise risk, corporate compliance (GRC) – it means different things to different roles in your organization. Security, audit, finance, executives, business strategists, legal, compliance, risk officers – all work with different frameworks and approaches for managing complex risk and compliance processes. Bombarded with an array of risks and regulations impacting every phase of business operations, global organizations have much to manage. Times are changing – organizations are pressured to build an enterprise approach which requires that these roles start working together – requiring everyone to play out of the same playbook with consistent definitions. Resilient and agile organizations manage risk and regulations proactively to stay abreast of dynamic environments, risks, regulations, and case law across multiple jurisdictions. Staying alert to a diverse and dynamic world has become a competitive advantage. Corporate Social Responsibility is intertwined with this as organizations desire validations that it has integrity and walks its talk. This presentation examines the current drivers and trends in GRC, discusses the disparate views of risk and compliance, and brings forth a strategy aimed at achieving sustainability, consistency, efficiency, accountability, and transparency across risk silos.

  • Creating Order out of Chaos: Defining a Process Lifecycle for Managing Policies. The typical organization is a mess when it comes to managing policies and procedures. Policies are scattered across the business, reside in a variety of formats ranging from printed documents to Intranet sites, are out of date, not integrated into other processes such as investigations or risk management, and are poorly written. Particularly, most organizations fail to manage the lifecycle of policies. This results in policies that are out of date, ineffective, and not aligned to business needs. The doors of liability open as an organization may be held accountable for the policies in place that are not appropriate or are not compliant. Effective policy management starts with a lifecycle approach to managing policies. This is the process of managing and maintaining policies throughout their effective use within the organization. Attendees of this presentation will learn a lifecycle approach to managing policies across the states of creation, communication, management, and maintenance.

  • Keeping the Look:  Standardizing Policies through Templates, Style and Language Guides. Policies articulate culture, establish a duty of care, define expectations for behavior (for individuals, processes, and business relationships), and establish how the organization is going to comply with regulatory and contractual requirements.  Policies can be engaging to read if written correctly. Leading organizations are establishing a policy style guide and templates to achieve consistency across policies and align them with the corporate culture and brand. Policy writing that is wordy and confusing is damaging to the corporate image and costs time and money. Every organization should have a policy style guide in place to provide the format for clear and consistent policies. Attendees of this presentation will learn to increase policy effectiveness through templates and style guides that achieve a consistent taxonomy, format, structure, language use, and definitions across policies.

  • Getting the Word Out:  Communicating Policies to Employees and Partners.  Organizations need to completely refocus how they approach policy management and communication. Not only are businesses failing in consistent and effective policy management, they are struggling with how to effectively communicate policies to employees and business partners.  While the written policy is critical – organizations are challenged to make sure that policies are read, understood, and attested by employees that they have received proper training on policies. Attendees of this presentation will learn how employees (across geographies, educational levels, and disabilities) can find policies and procedures that relate to their role in the organization; where to get their questions answered; and accomplish any tasks that require training, quizzing, and attestation of policies.

  • Policy & Training Management: Meeting New Generation of Regulatory Complexity. The typical organization is a mess when it comes to managing policies and procedures. Policies are scattered across the business, reside in a variety of formats ranging from printed documents to Intranet sites, are out of date, not integrated into other processes such as investigations or risk management, and are poorly written. Particularly, most organizations fail to manage the lifecycle of policies. This results in policies that are out of date, ineffective, and not aligned to business needs. The doors of liability open as an organization may be held accountable for the policies in place that are not appropriate or are not compliant. Effective policy management starts with a lifecycle approach to managing policies. This is the process of managing and maintaining policies throughout their effective use within the organization. Attendees of this presentation will learn a lifecycle approach to managing policies across the states of creation, communication, management, and maintenance.

  • Aligning Risk and Performance with GRC Intelligence. Given recent events and the current regulatory environment, the need for transparency into risk exposure has never been greater.  Yet the question still remains, “How do you implement a GRC strategy that is relevant and brings value to the business?”  Risk and compliance officers have a wealth of data at their hands and in most cases are managing requirements effectively.  Executives and business managers are also increasingly looking for insight from the GRC data collected in an effort to align risk and performance management objectives and achieve better business outcomes.  In this webinar, Michael Rasmussen will discuss how utilizing GRC processes and solutions to gather data analytics that turn knowledge into intelligence can help your company adapt to the complicated risk landscape, ensure compliance and improve business performance.

  • Managing Investigations Across The Enterprise. Internal investigations have taken on new importance for organizations over the past three years in the wake of increased enforcement by state and federal law enforcement agencies and a series of operational failures that have led to product recalls and corporate bankruptcies, as well as the worst environmental disaster in U.S. history. Such investigations require a process that allows investigators to gather evidence, analyze data, and produce reports. They also represent an important component of proper Governance, Risk, and Compliance (GRC) practices, which themselves have become a strategic means for organizations to prevent ethical and operational failures. In this webinar Michael Rasmussen will address how companies can manage investigations. Attendees will learn to implement an effective investigation program, including: defining a consistent investigation process; enabling collaboration among the investigations team; providing accountability for actions taken by organizational members; designing monitoring metrics; and, relating investigations to risk, policies, and other governance, risk management and compliance (GRC) areas.

  • Making GRC Intelligent within Organizations. Much has been stated about GRC – but the question still remains, “How do you implement a GRC strategy that is relevant and brings value to the business?”  This is a particular challenge within organizations that are bludgeoned by regulatory reform and mandates to manage risk across the business.  Organizations need to articulate and deliver a GRC strategy that addresses changes in the regulatory environment, a complex array of risks, while delivering value to the business to achieve its support.  The answer is intelligence – utilizing GRC processes and solutions to gather data analytics that turn knowledge into intelligence.  Intelligence used to steer and direct the organization in a dynamic and regulated business environment.  The goal is to empower a GRC strategy used to deliver GRC Intelligence relevant to business decisions and transactions.  This involves implementing a data analytics approach to GRC that integrates with business and financial services applications that supports GRC automation, dashboarding, and reporting.

  • Succeeding at GRC: Best practices to follow, pitfalls to avoid and success metrics to measure when implementing integrated GRC.  As organizations plan their risk, compliance and audit programs for 2011, many will turn to integrated GRC approach to create an enterprise-wide framework for improving oversight, accountability and efficiency. In this presentation Michael Rasmussen, Compliance and Risk Advisor, draws from his extensive consulting and research experience to discuss best practices to follow, pitfalls to avoid and success metrics to measure when implementing integrated GRC strategies, processes and technology.  Attendees will learn: lessons learnt from successful GRC implementations, key people, process and technology issues with integrated GRC, proven approaches for measuring success and ROI of GRC, pitfalls to avoid when implementation integrated GRC, and dealing with the convergence of business and IT risks.

  • Defining a GRC Strategy That Bridges GRC Silos. Governance, risk, and compliance (GRC) is not a single role in the organization. Effective GRC requires collaboration across business areas that have historically operated as introverted silos. This presentation looks at the roles involved in GRC and defines strategies to begin collaboration on GRC across the organization. Specifically we will consider the roles that are stakeholders in GRC, identify strategies for effective GRC collaboration, and develop a federated GRC organization upon a firm technology architecture.
  • Managing 3rd Party Risk & Compliance in the Extended Enterprise. Organizations have become complex – an intricate web of business relationships now comprise and organization. Who it is, what it does, how it operates is not locked to defined organization boundaries. The extended enterprise of business relationships has introduced further complexity of risk and compliance oversight for the business. Recent attention within financial services with the FDIC guidance on 3rd party risk adds another industry to the cross-industry demands to manage supply chains, comply with international labor standards, protect trade secrets and intellectual property, assure privacy, manage geo-political risks, and demonstrate regulatory compliance. While different industries have different business relationships, risk, and compliance requirements, a common methodology and process can be used to manage and report on risk and compliance across the extended enterprise. This webinar looks at the current requirements within specific industries, cross-industry regulatory requirements, and specific risk issues impacting the extended enterprise. Specific attention will be given to presenting the extended enterprise best practices in communicating policies, providing training, conducting assessments, and validation of 3rd party relationships through audits.
  • Seeing the Forest of Risk Past the Trees. Risk – it means different things to different roles in your organization. Security, audit, finance, executives, business strategists, legal, compliance, risk officers – they all have definitions and approaches to risk management. Times are changing – organizations are pressured to build an enterprise risk management program which requires that these roles start working together – requiring everyone to play out of the same playbook with consistent definitions. This presentation examines the current drivers and trends in risk management, discusses the disparate views of risk, and brings forth an ERM strategy aimed at achieving sustainability, consistency, efficiency, and transparency across risk silos.
  • Developing Your GRC Technology Blueprint. Governance, risk, and compliance (GRC) is bearing down on IT from many angles. No longer is IT concerned with managing its own risks and compliance obligations; now IT is being used to drive sustainability, consistency, efficiency, and transparency into enterprise risk and compliance initiatives. The result is a complex landscape of applications and technologies that need to start working together to provide a coherent picture into enterprise GRC. This presentation examines the taxonomy of applications and technologies used for GRC, considers how organizations bring them together into blueprint architecture, and then addresses a roadmap for a successful GRC strategy with a firm technology foundation.
  • Corporate Social Responsibility – the Future of GRC. Governance, risk, and compliance trends are changing – the most significant trend is validating that your company has integrity and walks its talk. This presentation considers the tsunami influence that CSR will have on GRC strategies and processes, and assists organizations in defining how to integrate CSR thinking into their GRC roadmap.
  • Risk & Regulatory Intelligence – Getting to the Head of the Class. Bombarded with an array of risks and regulations impacting every phase of business operations, global organizations have much to manage. Resilient and agile organizations manage risk and regulations proactively to stay abreast of dynamic environments, risks, regulations, and case law across multiple jurisdictions. Staying alert to a diverse and dynamic world has become a competitive advantage. This presentation looks at the processes, technologies, and content needed for an organization to stay informed in dynamic risk and regulatory environments.
  • Strategies for Building Effective Compliance Programs. Compliance is a daunting challenge to organizations because they are faced with a mountain of regulatory obligations. These obligations include: ethics, sales practices, privacy, security, industry oversight, human resources, corporate governance, manufacturing practices, work force, public safety, environmental factors, critical infrastructure protection/homeland security, and business continuity regulations. In the past, organizations tackled compliance as islands of projects scattered throughout the organization, leading to inconsistent approaches and a duplication of efforts. This presentation walks organizations through the best practices in effective compliance programs, illustrates how these practices can be used as an organizing principal to drive consistency into an enterprise compliance effort, and aligns these activities with how they will be judged by the regulators themselves.