Office Hours is a work of passion to share strategies, technology ideas, and real-world stories that inspire governance, risk management, compliance, and audit professionals to live their biggest impact! Our channel is dedicated to delivering the best stories and strategies in developing GRC programs we've seen across 7,000 organizations in 140 countries around the world. In every episode we'll drill down on a topic that can help you level up - risk management, compliance automation, data analytics, next-generation auditing, robotic process automation, artificial intelligence, etc.
This week on Office Hours, hosts Dan Zitting and Kevin Legere reflect on their time working in compliance and try to extract some common themes that seem to make compliance smoother and put control over compliance risk back in the hands of the compliance professionals (who CAN'T just be check mark chasers if compliance burden is a concern). We share in this episode how lessons we learned from the CPA exam, defense lawyers, and criminal trials influence our thinking about compliance programs and, in turn, how we thought about structuring technology to help. This episode is a little preachy, we didn't mean that way, but we feel strongly about changing the paradigm for compliance. Hope you like it!
This week on Office Hours, our hosts, Dan Zitting and Kevin Legere, talk about managing risk events. What are risk events? They could be anything from an ethics hotline reports, conflict disclosures, security incidents, sexual harassment incidents, unexpected financial instrument value fluctuations, physical security breaches, vendor failures, etc., etc. No matter which function you're in or the risk you're responsible, it is surely possible to centralize the capture, review, and remediate these events in a way that maximizes assurance of appropriate follow-up while creating insightful reporting and automating much of the process. In this episodes we share examples of how to do so in ACL software, bu the principles apply regardless.
This week on Office Hours, our hosts, Dan Zitting and Kevin Legere, talk about having a plan and roadmap for SOX that will differentiate the value your program delivers. Most companies have basic SOX testing nailed down by now, but it's still far too manual and far too inefficient. These types of SOX programs are growing stale - we need a roadmap to better value. Additionally, robotic automation is coming to SOX programs, so we can either be the ones building the automation or the ones being automated. This episode lays out the maturity curve and gives real examples to push toward getting there.