GRC & Me

Peter Berger and David Ngu both work for global consulting firm Protiviti in the Netherlands, helping clients figure out how to integrate governance, risk management, and compliance technology into their workplace. In this episode of GRC & Me, Peter and David provide some of their valuable insights about how to incorporate agile GRC technology to make sure it’s actually doing its job to help manage the risks in your company and ensure your business is aligned so successful risk governance can take place and nothing slips through the cracks.We all face risks in our daily lives, now more than ever. Peter and David are here to help companies handle them with agility and flexibility, and stay tuned: they’re even offering listeners a complimentary consulting session to talk about GRC technology and agile risk governance. Reach out to Peter and David directly: peter.berger@protiviti.nl & david.ngu@protiviti.nl

Just what is Risk Cloud Exchange (RCX) and what benefits could it offer your organization? These questions are explored on this episode of GRC & Me with LogicGate’s Amrutha Sivakumar and Emily Affinito. 

After nearly two decades in tech, including stints at the Big Four security firms, Scott Jordan is on his 148th governance, risk, and compliance (GRC) implementation. Now the principal and partner at Agile GRC Solutions, Scott puts it simply on this episode of GRC & Me: “I’ve seen a few things in the market.” Specifically, he’s watched as companies large and small have become more vulnerable to ransomware and other types of cyberattacks. While assessing the damage, he’s spotted a few common mistakes, which he calls “security landmines.” GRC tools like LogicGate are powerful and necessary, but they work best when the humans wielding them are doing their due diligence. That’s where Scott and his experience come in. That is if he can resist the tempting job offer from his eight-year-old daughter...

Legacy technology’s grasp on GRC processes is slowly loosening. As LogicGate’s Director of Customer Success Szuyin Leow explains, it appears the future is here, thanks to flexible data models. A former cybersecurity consultant, Szuyin now helps LogicGate’s customers leverage the flexible data model that powers the risk cloud platform the company is recognized for. Adaptability is key across any industry, and that’s what this model specializes in, even in a climate with many unknowns. In this episode of GRC & Me with host Megan Phee, Szuyin explains that compared to rigid data models, flexible ones let organizations “slot things in where they're needed” when external changes force a shift within data structures and new requirements must be implemented. Still, the grass isn’t always greener. Too much design and customization can pose an obstacle for organizations building out their data structures, but Szuyin and her team encourage them to follow LogicGate’s best practices. Can you guess how flexible data models benefit industries outside of GRC? That’s what the LogicGate Risk Cloud IRL competition will reveal.

When the effects of COVID-19 began to tear across industries, GRC Technology Manager Priyam Shah didn’t hesitate to pivot PwC’s services to support their customers. Because PwC resolves complex GRC issues across various industries, Priyam says its collaboration with LogicGate was natural to support the facilitation of the “return to work” program PwC created as a part of its pandemic response. In this episode of GRC & Me with host Megan Phee, Priyam discusses how the PwC x LogicGate Risk Cloud™️ relationship helped organizations bring their workforce back to the office by providing the necessary controls and processes. She also shares thoughts about what to consider as you discover the right tools and solutions for your programs as well as rising trends in the GRC landscape. Then Megan and Priyam discuss common pitfalls faced by companies along with different points of the GRC journey. When it comes to your governance structure, what do you think is preventing you from seeing the value you need? (Hint: Enabling all your programs at once!)

Asureti co-founder and Practice Director, Melissa Ryan, has been fascinated with language for as long as she can remember — and she has the spelling bee record to prove it. Since she’s worked with people across business operations, the multi-faceted data protection expert has seen firsthand how a common language can bridge gaps between departments, allowing for truly valuable and meaningful conversations. That technical jargon flying across your teams? It actually pulls your organization further apart. Melissa uses a risk rating matrix, for example, to better facilitate communications with clients. These tools — or points of reference like taxonomies — contribute immeasurable value when they are defined through a shared language and then used across the business. “We find that leaders who are leveraging these common definitions, these standard rating, and translation tools, and incorporating them into a GRC technology are truly finding enhanced value,” explains Melissa. Here’s the key: Make sure the underlying structure, calculations, and design of the common language of your tools and technology are consistent. Ready to learn how to connect the dots between the teams in your risk organization?

In the age of COVID-19, virtual conferences reign supreme — without the handshaking, warm hugs and mingling breaks, are they as compelling and worthwhile to attend? When the content is as relevant and valuable as it was at Agility 2020, LogicGate’s first-ever virtual user conference, the answer is an easy yes. Couldn’t make it? Tune in to this special episode of GRC & Me with host Megan Phee for highlights from the engaging conference that featured a line-up of notable hosts, including LogicGate’s all-star leadership team: CEO Matt Kunkel, VP of Product Management Mark Tattersall and CFO Kevin Jacobson. Through riveting presentations, the leaders addressed the current state of the GRC space, where it’s going and how the LogicGate Risk Cloud™ can build a new path forward. Listen as Matt discusses the importance of enterprise risk management in the emergence of the risk cloud, as Mark explains how vital customer feedback is during product development, and as Kevin shares his journey with the risk cloud to more effective vendor management. While next year’s plans develop, ponder this: What do you want to learn at LogicGate’s 2021 user conference to sufficiently strengthen your organization’s risk protocols in an evolving and post-pandemic environment?

David Ponder, a partner at Cential, has used COVID-19 to teach his five-year-old daughter about the interconnectedness of the world: “To change the world, you've got to start with yourself first and your closest circle second,” he advises. This lesson parallels the interconnectivity of risk management ecosystems — organizations should never stop reevaluating the principles that determine their actions. Why? Because risk management is no longer done by standalone entities. Like herd immunity, transformative risk management introduces the idea that if one organization in the risk ecosystem is weak (or strong!), everyone else is, too. One band; one sound. Enter Jannie Wentzel, a partner and principal consultant at Cential, who authored a whitepaper about the emerging tools and technologies that are transforming risk management today. Together, Jannie and David assert that transformative risk management’s emphasis on data will provide leaders the confidence to base critical decisions and drive valuable business solutions for each participant in a risk ecosystem. With host Megan Phee, these GRC experts posture that risk leaders will soon shift their understanding of compliance-focused risk management and GRC as a whole. Could this be the Next Big Thing of risk?

What do you get when you cross innovation and pioneering? CEO Matt Kunkel and Chief Product Officer Jon Siegler — AKA two of the three founders of LogicGate. Historically, the old-school GRC software space aimed to operationalize regulatory risk and compliance and security programs in two ways: 1) Using technology platforms with rigid data models and 2) Using point solutions — that don’t integrate well with other applications — to solve specific use cases, third-party risk and more. In Matt and Jon’s opinion, that’s why The Risk Cloud™ represents a departure from what we know about GRC. In this episode of GRC & Me, tune in to hear how these visionaries have disrupted the GRC industry with The LogicGate Risk Cloud, a platform that presents a solution and has the flexibility to reimagine what risk is entirely. With host Megan Phee, they discuss The Risk Cloud’s extensibility at length, especially what it enables companies (and risk managers!) to do. After listening, ask yourself this: How can The LogicGate Risk Cloud enable effective risk operation for you?

A simple question — “why?” — jumpstarted Heath Anderson’s journey with governance, risk and compliance (GRC). Today, he’s LogicGate’s Information Security Manager. Before that, he worked with development teams in the United States Air Force designing tests to ensure compliance, and the rest is security — err, history. For his first-ever podcast appearance, Heath joined an episode of GRC & Me to discuss how The LogicGate Risk Cloud adds value to the company as well as how he uses it to push security frameworks forward. The LogicGate Risk Cloud is essential for Heath, and not just because he was able to adjust his program to accommodate society’s new normal — it automates Control Management activities and even revealed how he and his team could improve their third party risk management return on investment (ROI) metrics. Plus, can you guess the neat hobby that gets his creative juices flowing?