Monthly Archives: April 2010

People Risk: The Impact of Human failure in GRC and what to do about it. Part 1

After years of practice I have several broad observations about causes, about traditional GRC practices and our success in driving down failure rates. People Risk (human failure) is the single largest driver of loss events across the broad spectrum of …

Posted in Compliance, GRC, Internal Audit, Risk Management

Continuous Control Monitoring (CCM): Should we be using it to monitor behaviors too?

Continuous control monitoring technology is powerful, efficient and grossly underused. Many GRC professionals automatically assume that controls should be continuously monitored. Of all the things that this technology could be used for, control monitoring is possibly the least valuable overall. …

Posted in Internal Audit

Continuous Control Monitoring (CCM): What’s Wrong?

With great trepidation I’m stepping into the Continuous Control Monitoring debate. In March Gartner issued their “Magic Quadrant for Continuous Controls Monitoring” report. Following their pattern of Magic Quadrant reports, Gartner in this report analyzes the CCM market and assesses …

Posted in GRC, Internal Audit