Governance, Risk & Compliance

Governance, Risk & Compliance
If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

Top Answer: Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.


What is the current state of ransomware attacks? What level of defense and preparedness do companies have from their backup support?

What role does IT play in sustainability efforts?

Top Answer: IT has an opportunity in this area because it can make sustainability efforts more effective for the company, both in managing and observability metrics, etc. IT can also implement change that allows for more efficient operations, as well as implement change in IT specifically, no different from marketing or sales. Every organization has to have its own improvement objectives apart from trying to improve the broader company operations. But it's easy for the modern company to capture the majority of its impact in IT. Whether it's your own personal data centers or capacity you use from a partner data center, cloud provider, or some combination of those, a lot can be done with your global networks. Many people don't realize that networks have one of the biggest impacts on sustainability and energy use in general. So they talk about moving to the cloud only to realize that they're spending more and potentially creating more impact because of the increased network traffic.

How do you see sustainability efforts in the industry progressing?

Top Answer: There are other nations that we can learn more from in the US and tie that back in an innovative way to what we're doing in our respective businesses. But overall, we have a long way to go. The good thing is, with social media platforms there is an organic impulse. Companies are being put on the hook because there's so much more visibility; it’s not only the big media outlets that report negative information about what someone or something is doing. Now, anyone with a cell phone can report this stuff. So more people are going to be on the hook in the long run, but I'm hoping that we can continue to push as a human race and get to that carbon-neutral state.

Cybersecurity Risk Management in 2021Cybersecurity Risk Management in 2021

A high-level look at approaches to cybersecurity risk in 2021. How do you compare to these peer benchmarks?

Are environmental, social, and governance (ESG) programs created to foster change, or are they for publicity & branding?

Top Answer: There are still a lot of folks doing ESG because it's the buzzword that's going to get them the investment, or the trust. And I wonder how many are doing it because they truly believe that climate change is real, and that they have to do something about it because they can. So I have a bit of skepticism about the true nature of all of these ESG initiatives and the focus on corporate responsibility. I do see a lot of impact when I look at the climate pledge and the bigger initiatives that some of the very large tech companies have kicked off. But we still have a long way to go before ESG is part of the norm.

Are environmental, social, and governance (ESG) programs mostly about environmental sustainability?

Top Answer: ESG is an area that's had an increased amount of attention not only because of the environmental cost of climate change, which is a big risk to growth, but because of people as well. The social piece is becoming even more important. For example, people are discussing the ethics around leadership pay as billionaires have become even bigger billionaires during COVID. It's an ESG focus that will put controls around that.

If you are a current SAP customer, when do you plan to migrate to SAP S/4HANA?

Top Answer: No plan to migrate soon.

Related Tags
People & Leadership
Strategy & Architecture
End-User Services & Collaboration
Applications & Platforms
Governance, Risk & Compliance
Data & Analytics
Business Intelligence
Disruptive & Emerging Technologies
Team & Organizational Design
Security Strategy & Roadmap
IT Strategy & Roadmap
Outsourcing & Managed Services
Backup & Disaster Recovery
Public Cloud
Hybrid Cloud
Contact Center & Telecom
Data Center
Device Management
End-User Devices
Productivity Tools
Collaboration Solutions
Document Management
Business Applications
Human Resources (HRIS)
Technical Product Management
Software Development
Quality Assurance
Continuous Integration/Continuous Deployment (CI/CD)
Enterprise & IT Service Management (ITSM)
Availability & Capacity Management
KPIs, Metrics & Reporting
Financial Management
Vendor Management
Service Desk
Management Tools
Risk Management
Data Privacy
Artificial Intelligence & Machine Learning (AI/ML)
Data Warehouse
Security & GRC
Identity & Access Management (IAM)
Peer Insights
Vendor/Product Recommendation
Business Continuity & Disaster Recovery
Crisis Management
Customer Engagement
Customer Relationship Management (CRM)
Enterprise Resource Planning (ERP)
Business Relationships
Talent Management & Performance
Portfolio, Program & Project Management
Data Management
Big Data
Vendor/Product Assessment
Process Management
Asset & Configuration Management
Operations Management
Mobile Development
What are your thoughts on the questionnaires given by clients or partners that have ESG programs?

Top Answer: I've filled out a few of those questionnaires for clients that have ESG programs, and some of them are fine. I'm more than happy to talk about what we do as a company for social impact as well as diversity and inclusion. But the environmental piece becomes complicated as we're a professional services firm that has one office and 350 remote employees with laptops. Everything we do is cloud based. For some of those questionnaires, you can end up scoring low on the environmental side and there isn’t anything your organization could have done to score higher. Some of them do miss the forest for the trees when they should take a more holistic view. It's interesting because the supplier piece of that is definitely in play. As more companies make sustainability a priority, along with ESG and supply chain, we’ll see a bit of a storm brewing.

Should the CISO be fired because of a breach?

Top Answer: I don't think this is a yes/no question. Like most answers to information security questions, answer is 'it depends'.