Enterprise Compliance Today

Compliance Manager role in modern organizations - Empower decision makers

Posted by Greg Carroll on Mon, Sep 07, 2015 @ 07:14 PM


The Compliance Manager’s role in the modern organization is to enable/empower decision makers to take action and leave the building of defensive walls to the Risk Manager with his heat maps. So how can compliance managers start realising their value-adding role?

Tags: Compliance Management, ISO9001:2015, decision making

Napoleon’s Lessons in Strategic Management

Posted by Greg Carroll on Fri, Aug 14, 2015 @ 01:01 PM

With 2015 being the 200th anniversary of the Battle of Waterloo and having a man-crush on Napoleon B, I have taken this opportunity to revisit some of the lessons we can learn (good & bad) from his 20-year reign as master of the universe.

Tags: risk management, risk adverse, Strategic Management, leadership

How to Implement Risk Based Audits & Inspections

Posted by Greg Carroll on Sat, Jul 18, 2015 @ 05:40 PM

With the release of the Final Draft of ISO9001:2015 this week and its focus on risk-based Compliance Management, I thought I would share our approach to Risk-Based Auditing from our experience with the likes of Defence Aviation and the Australian Quarantine Inspection Service, both leaders in the field.

Tags: Best practices, Compliance Management, risk management, ISO9001:2015, audit & Inspection

The 4 Biggest Mistakes in Compliance Management

Posted by Greg Carroll on Fri, Jul 03, 2015 @ 11:53 AM

Mere compliance with a Framework is an insufficient audit approach; it is critical to assess whether it is current, timely, communicated broadly, and meets the needs of the business. The 4 biggest mistakes are:
  1. Not being Outcome focused
  2. Not using Risk-based targeting
  3. Not Value Adding
  4. Not being timely

Tags: Best practices, Compliance Management, audit & Inspection

How to Identify Corporate Risks in ERM

Posted by Greg Carroll on Fri, Jun 26, 2015 @ 03:16 PM

An effective Corporate Risk management system (or ERM) requires developing a detailed inventory of all the drivers and influences and how they affect the organisation. It requires a methodical and introspective commitment to fully understand what makes things tick, but as with most things, a bit of effort upfront produces a lifetime of benefits.

Tags: corporate governance, ISO31000 & ERM, Strategic Management

Why Corporate Governance is broken and how to fix it

Posted by Greg Carroll on Thu, May 28, 2015 @ 11:23 AM

Why, with the number of fertile minds that exist in our field, is it still a case of an irresistible force meeting an immovable object? The paradox, I believe, like our would-be entrepreneurs, is one of approach.

Tags: corporate governance, Compliance Management, erm

Citibank vs Berkshire Hathaway – The Power of Ethics in Governance

Posted by Greg Carroll on Tue, May 12, 2015 @ 01:27 PM

Maybe "Greed is Good", but with a 300% increase in Shareholder Value, Berkshire Hathaway proves Ethics pays better! But if Ethics pays, the traditional "zero tolerance" preach & penalize awareness training approach won't get you there; nurturing will.


Tags: corporate governance, shareholder value, Strategic Management, ethics

21 Best Practices in Workflow Management

Posted by Greg Carroll on Wed, Apr 22, 2015 @ 09:13 PM

Return on Investment (ROI) does not come from automating a process but from using it to add value. Value adding comes from targeting time and resources, risk-based thinking, and Business Intelligence where they can deliver the greatest benefit to achieving the organisation’s strategic goals.

Tags: Best practices, Realization, Optimization, PDCA, ISO9001:2015, grc

Definition of Resilience - #VanuatuStillSmiles

Posted by Greg Carroll on Sat, Apr 11, 2015 @ 11:42 AM

When stripped naked, Resilience is about strength of character and speed of recovery. Vanuatu has shown both in spades with the succinct #VanuatuStillSmiles.

Tags: Resilience

Why is it so hard to integrate risk appetite in an organisation?

Posted by Greg Carroll on Thu, Mar 19, 2015 @ 12:23 PM

Risk Appetite is such a simple concept that everyone thinks they know but invariably misunderstands. COSO and other regulatory requirements for boards to issue a Risk Appetite Statement have led to a belief that a business has an overarching level of risk tolerance. Personally, I don’t believe these Risk Appetite Statements add any value, but regulators are regulators.

Tags: corporate governance, erm, decision making, risk appetite, risk tolerance, risk adverse