Alla Valente

Businesses always need to adapt their operations to changing circumstances, and the pandemic has only exacerbated the need to rethink risk management strategies. COVID-19 has simultaneously highlighted the necessity of risk management and exposed the gaps that exist in many governance, risk, and compliance (GRC) programs today. The pandemic also accelerated digital strategy and transformation […]

2020 taught us that we underestimate the role of the supply chain until we're inconvenienced. It also taught us that supply chain risk is business risk.

Firms have been outsourcing systems, business processes, and data processing activities to third-party service providers (TSPs) for years, but they are only one category of relationships that introduce risk into the enterprise. Now, firms are more dependent than ever on the vast network of third-party relationships, from vendors and suppliers to digital marketing agencies and […]

While firms spend millions of dollars conducting and auditing compliance-driven activities, several of the steepest losses in valuation and market share were precipitated by strategic decisions which all but ignored the risks to the customer experience and the financial implications of a tarnished corporate brand. In the age of the customer, unless a technology continues […]

Just over two weeks ago, Susan Fowler’s book, Whistleblower: My Journey to Silicon Valley and Fight for Justice at Uber, published. She tells a story of a broken corporate culture where she experienced and witnessed sexism, harassment, and abuse during her time working for Uber. She confronted her HR department, where she was met with […]

As 40,000 attendees descend on San Francisco for the annual security pilgrimage that is the RSA Conference, more sponsors pull out of the event citing safety concerns over the Coronavirus (Covid-19) Pandemic.

Waiting for the RSA Conference is a bit like counting down the days until Christmas. And RSA with a full conference pass is the security and risk version of the Toys”R”Us “Big Toy Book” but better — my only limits are good time management, a realistic assessment of logistics, and a pair of comfortable shoes. […]

The market for governance, risk, and compliance (GRC) technologies is competitive, diverse, and supports a broad range of capabilities. Having many options to choose from is a good thing; having too many options without a clear sense of what you need, what you can afford, or what resources are available to utilize the technology you’ve […]

In the US, cannabis is fully legal (medical and recreational) in 11 states and Washington, DC. For medical use, it is legal in 33 states. This is a flourishing industry, with one study conservatively estimating it will reach $30 billion by 2025. As dispensaries set up shop, they face many of the same risks as […]

This year’s NCSAM theme of “Own IT. Secure IT. Protect IT.” is a powerful call to action for ownership and accountability. However, many heeding this call won’t think about how it also extends to the vast and growing network of third-party relationships. Why? For most organizations, third parties complicate cybersecurity risk management.

The Forrester Tech Tide™: Governance, Risk, And Compliance Management, Q4 2019 report segments critical governance, risk, and compliance (GRC) technologies to aid risk and compliance pros as they seek to prioritize immediate needs and future investment in GRC management technology.

It's time to reconsider the whistleblower. It's in companies' best interests to know about and fix ethical missteps before they turn into full-blown scandals.

Buzzwords are the bane of my existence! As a former SaaS tech marketer, I’ve used my fair share. Since joining Forrester a month ago as an analyst on the security and risk team, one of the buzzwords I’m hearing most is “RegTech.” RegTech isn’t just hype. Forrester defines RegTech as the technology-enabled transformation of the […]