Awesome GRC Conference!

I just finished the 2017 Governance, Risk and Compliance (GRC) conference in Dallas, TX. The conference was co-sponsored by ISACA and IIA.  Excellent keynote speakers this year and I heartily recommend this conference for anyone seeking to learn how to solve governance, risk, and compliance challenges in your organization.

My presentation is titled 'How Risk Culture Affects Compliance and Internal Controls' and focuses on how organizational culture can cloud decision maker's judgement.  Checkout my presentation and beware of Risk Hurricanes.

ISACA Ireland 2016 Keynote

The ISACA Ireland annual conference, Cultivating a Culture of Security was a smashing success this year. There were three tracks covering culture, technology and GRC topics. I was fortunate enough to deliver one of this year's keynote presentations. My keynote focused on the impact organizational culture has on an organization's ability to effectively manage risk and how to build a risk culture. I introduce a term that I coined which I call "risk hurricane". Risk hurricanes can be used to identify cultural traits that often lead to risk management disasters. Organizational culture can be very enduring yet brittle and fragile at the same time.  Warren Buffet said it best, "It takes 20 years to build a reputation and 5 minutes to ruin it.  It you think about that you will do things differently."  Checkout my keynote presentation to learn more about organizational culture and risk hurricanes. 

RIMS 2016 Was a Smashing Success!

Here is my RIMS 2016 presentation about the scope of Enterprise Risk Management (ERM) function.  Many people and organizations view ERM's role through a financial lens and fail to take into account non-financial aspects of risk such as safety, reputation, quality, and mission capability. This presentation explores a series of case studies that shows what can happen to an organization that does narrowly focuses their ERM function on financial aspects only.