Gartner Points to Failures to Obtain Value From Technology

Posted on Apr 29, 2013

Gartner’s 2013 Global CIO Study points to issues I have previously aired: namely a failure to obtain full advantage from new and disruptive technology. This should be of concern to board, all executives, leaders of IT, and risk and assurance professionals.

continue reading...

The Important Risks That Are Overlooked but Should Come First

Posted on Apr 23, 2013

Survey after survey talk about the top 10 risks or such. For example, look at the 2013 Global Risk Management Survey by Aon. It raises some good points, including a refreshing observation that companies are paying more attention to risk management these days.


But I think this focus on a top 10, or even a top 50, misses some massive risks that are faced (IMHO) by a majority of organizations and, even if they are recognized, are often accepted instead of corrected. They need to be corrected if the organization is to survive let alone thrive.
continue reading...

Technology is Too Important to Leave to IT

Posted on Apr 18, 2013

 I have been reading an October 2012 publication by McKinsey, Evaluating technology on the boardroom  agenda (registration required – and well worth it). The title of this post is drawn from the piece. The full and important quote is:

Businesses are becoming increasingly digital and it’s not just a matter of process automation or resource-planning systems. Technology trends such as big data, cloud computing, mobility, and social media are giving rise to new marketing and operational capabilities. Indeed, technology has become too embedded in the fabric of the business—and too critical for competitive performance—to be left to the IT function alone.”
continue reading...

Does It Make Sense to Discuss GRC?

Posted on Apr 14, 2013

My good friend, Michael Rasmussen, is perhaps the father of the term GRC and styles himself as the GRC Pundit. He has an excellent web site that I wholeheartedly recommend and one of his latest posts is on the subject of 2013 GRC Drivers and Trends.

continue reading...

Risk-Based Audit Opinions That Matter

Posted on Apr 5, 2013

Almost everybody, whether on the board, in management, or in internal audit, agrees that internal audit should be “risk-based. But I don’t think they are talking in the same language. 

continue reading...