With your risks in control, you are ready for take-off to new destinations
Last week the French association for risk management, AMRAE, organized their annual conference for Risk Managers in Deauville, France. BWise has been present at this event for many years.
A Journey across the World and the Risks
In total more than 2,000 French risk professionals visit this three-day conference. The theme this year was AMRAE International Airport, proposing to all participants a journey across the world and the Risks. A theme very close to our vision and the GRC journey we offer to our customers.
Conduct Risk: Technology, Processes and People
Interesting term: conduct risk. When I first heard it, my initial thoughts were that it is all about behavioral risk. And I am sure; I was not the only one. But when youre into risk management in the financial services market in the UK, Conduct Risk is quite a bit broader than that. In order to prevent financial service providers from behaving badly like selling the wrong products or providing the wrong information, the UK authorities felt something was needed after the financial crisis. There is now actually an authority that monitors conduct risk in financial services called the FCA or Financial Conduct Authority.Read more
BWise cited as a Leader in GRC Platforms in the Q1 2014 Forrester Wave Report
Recognized as a Leader
Forrester has been evaluating the Governance, Risk Management and Compliance market since 2006, when their first GRC Wave was published. Now the new 2014 version has come out, and I can tell you that we are extremely proud of the result. Were the only vendor that has been recognized as a Leader ever since 2006. Our strategy is ranked highest overall, customer satisfaction ranking is extremely strong and the product offering is again leading.Read more
The relationship between IT GRC and Enterprise GRC
In every story on GRC, it is stated that the worlds of IT GRC and EGRC are moving together, that these worlds are integrating. In fact, I dont believe thats true. I believe they always have been one, but vendors marketing somewhat polluted the discussions creating two perceived separate markets. There are obviously some specifics in IT GRC that are less dominant in EGRC. A term like vulnerability is standard in IT GRC, but rarely heard in EGRC. Although it adds some logical structure, it also adds complexity for many non-experts. Ive seen EGRC implementations with risk triggers, causes and consequences; makes a lot of sense for the expert, difficult for business users. Here is just one example where companies need to decide on a clear and integrated risk language. But thats not just for IT GRC.Read more
So, what is risk-based compliance? It seems to be a must-have term on any compliance website, and certainly for compliance software vendors. But what does it mean? For many, compliance is not risk related. While they understand the law is in place to protect consumers, investors, and countries against a certain risk, there is no arguing. You simply implement it, and adhere.Read more