Blog and Resources
Blog and Resources

Avoiding Risk Is Not a Strategy – Understanding 5 Risk Models and 4 Principles
Is “Risk Avoidance” Really “Risk Management”? A quick google search gives you the definition of risk management as being about “mitigating” risk. This is how, in practice, risk management most often works in the corporate world. It is rare to see a Risk Manager say,...

A Minute About Minutes: Best Practices for Boards and Teams
In the world of Internal Controls or GRC (Governance, Risk, and Compliance), there is tons more value we can extract from documentation and processes, but too many people leave that value on the table. And that’s where the topic of minutes comes in. They are obviously...

5 Principles to Get More Value from Governance, Risk, and Compliance Programs
In my many years on the ground (and in the trenches) running internal controls* programs, I can tell you that internal controls programs are a goldmine of opportunity. But only when you “get” what audit and control concepts are about (and not about). Unfortunately,...

Your Documentation Audit: Benchmarks for the 5 Stages of Documentation
While this isn’t as technical as SOX or other GRC (governance, risk, and compliance) frameworks or else standards in the information governance space (like the ISO 23081 records management processes), the 5 Stages of Documentation is a quick, do-it-yourself way to...

The 5 Super Standards—A New Model to Measure Your Documentation
Whether you are working on internal audit, accounting, governance, risk management, project management or any other discipline for that matter, documentation underpins a lot of the work you do. From reports, to spreadsheets, to presentations, to memos, to matrices, we...

Your Best Risk Management Tool is a Cup of Coffee
Risk Management is something I get asked about because of the name of our consulting firm, and of course it’s a subject that matters a lot to me and our clients. To give you a quick definition, Risk Management is a process for organizations to identify, rank, track,...