Defining and Understanding Governance, Risk, and Compliance (GRC)
Date: Wednesday, September 21, 2016 | Time: 8 am PDT | 11 am EDT
Although many use the term ‘GRC’, they don’t use it the same way. For some, the “C” stands for ‘controls’ but for others it is ‘compliance’. Either way, few can explain why the three terms (Governance, Risk, and Compliance) are included in the acronym: why the combination means more than the sum of the three.
Join this session, where the experts will discuss:
- What is included in each of Governance, Risk, and Compliance
- Defining what GRC means as a combination of the three terms, and why it is necessary for all organizations regardless of size and location
- The problems of ‘fragmentation’ and ‘silos’
- How to address these problems and achieve an effective GRC environment
- How technology can enable not only the parts but the whole, including breaking down silos and coordinating fragmented operations
Evangelist and Mentor in Internal Auditing, Risk Management, and Corporate Governance
Mr. Marks, CPA, CRMA, is an evangelist for “better run business”, focusing on corporate governance, risk management, internal audit, enterprise performance, and the value of information. He was the chief audit executive of major global corporations for twenty years and is a globally recognized thought leader in the professions of internal auditing and risk management. In addition, he has served as chief risk officer, compliance officer, and ethics officer, and managed what would now be called the IT governance function (information security, contingency planning, methodologies, standards, etc.). He ran the Sarbanes-Oxley Section 404 (SOX) programs and investigation units at several companies. Mr. Marks is a member of the review boards of several audit and risk management publications (including the magazines of ISACA and the IIA), a frequent speaker internationally, and the author of multiple award-winning articles.
Mr. Caldwell has joined the MetricStream executive leadership team as Chief Evangelist. Previously at Gartner, Inc., Mr. Caldwell led research initiatives on GRC, enterprise risk management, regulatory compliance, third-party management, and social media risk management. In his 15 years at Gartner, he advised hundreds of businesses and government agencies on GRC issues, including the impact of rules and regulations, disruptive technologies, and digital business strategies. He authored and contributed to over 400 Gartner research papers, including the Gartner Magic Quadrant for Enterprise GRC Platforms, since its inception in 2007. Mr. Caldwell also led the White House-sponsored Digital Pearl Harbor war game, the first-ever strategic assessment of cyber war strategies. Before joining Gartner in 1999, Mr. Caldwell was director of knowledge services at Arthur Andersen. He also served as a nuclear submarine officer, and directed special congressional projects for the Secretary of the Navy and the Secretary of Defense. Upon retiring from the Navy, he served as the liaison to NATO for the Congressional Commission on Roles and Missions.