Categories
Innovation in Compliance

Risk Management and Corporate ESG with Dan Zitting


 
Dan Zitting, previously Chief Product Officer, now holds the title of CEO at Galvanize, a software company that helps its clients achieve their goals and objectives. He is also now the Chief Product Officer of Diligence. Tom Fox welcomes him back to this week’s show to take a look back at the GRC professional’s role in corporate ESG and risk management. 
 

 
GRC On The Frontline
A company’s defenses have to be in the remit of their GRC professional, not left up to the CSO. Dan remarks that while there is engagement by GRC professionals in minimizing company cyber risk, more needs to be done. GRC professionals have to ask themselves if they are managing cyber risk in ways that are helpful to the company’s CSOs, by providing tools and resources to support them. “There’s still work to be done in making sure that everything we’re doing from a policy, controls, and compliance standpoint is actually adding value for the CSO and helping them deploy their programs, as opposed to just feeling like they’re being checked on by the police to see if they’re doing it right,” Dan tells Tom. 
 
ESG and Investment
Investor dollars are fueling the growth and expansion of ESG and aren’t only coming from investment funds anymore. Private equity firms and banks are getting involved. If someone wants to borrow money, insurance companies assess ESG risk as part of their overall risk management strategy. “If companies want to access capital, they need to have an ESG program in place,” Tom remarks.
 
A Role To Play
The best way, Dan suggests, to get GRC professionals to understand the ownership roles they have to play in ESG, is by creating a center of excellence for ESG. By creating this center, and making ESG a business objective, you can then split the responsibilities across the organization. “Splitting the responsibilities across those different lines of defense for those different functions in a way where somebody…can get a combined view of how effective we think we are from an ESG standpoint, should be the goal,” Dan adds. 
 
The Importance of Real-Time Reporting
Real-time reporting is the G in ESG. Being able to give an accurate picture of risk to a company’s board is intrinsic to ESG, and is vital to acting on those risks efficiently. “Risk professionals too often are asking ‘Why don’t I have real-time information,’ instead of actually being the one out creating it and bringing in the technical skill necessary to be able to analyze data fast enough to get real-time insight,” Dan expresses. Governance in the present and future needs to move at a pace faster than it has in the past, in order to report on risks. Being able to point out to the board when governance is failing, so that measures can be implemented, is also extremely important. 
 
Resources
Dan Zitting | LinkedIn | Twitter 
Galvanize
Diligence
 

Categories
Innovation in Compliance

A Change in the System with Dan Zitting


 
Dan Zitting, previously Chief Product Officer, now holds the title of CEO at Galvanize, a software company that helps its clients achieve their goals and objectives. Tom Fox welcomes him back to this week’s show to talk about fraud risks, and what it means for the compliance professional.
 

 
A Period of Change
Rapid change during the pandemic is the main catalyst for the increase in fraud. The move to remote work created new susceptibility to cyber fraud. “The pandemic and the news, and noise created around it, created all kinds of new ways for clever social engineers to talk people into doing things they shouldn’t be doing,” Dan explains to Tom. It’s important for GRC professionals to be aware of and ready for change, he adds. We have to realize that change has sped up and will continue to do so in the business environment, regulatory environment, and social justice areas. The rate at which change will increase will be much greater in the future than it has been in the past.
 
Choosing The Right Technology
Choosing the right technology to support anti-fraud programs is important. GRC professionals have to shift controls and assess risk fast enough to deal with all the changes that are occurring around them. Having the proper technology on hand can help make their jobs easier. “A lot of technology is effectively built around manually filling out forms, and creating workflows between people to capture risk or assess risk or evaluate controls, and that is just far too slow-moving,” Dan remarks. We need to create automation primarily from data and technology that can evaluate very quickly. We also need to be able to leverage machine learning which will help us identify data that we might not have otherwise known.  
 
Fraud as a Bigger Focus & The Importance of Governance
How fraud connects to the broader array of cybersecurity risks makes it a major focus for CEOs and senior executives. Leaders are seeking to learn more and educate themselves on how compliance officials are analyzing and monitoring the risks, something that was not done as often in the past. Interest in governance within the compliance sector is also gaining headway. Dan explains to Tom that organizations need to have overarching governance strategies that dictate how they look at the incoming risks to the business. 
 
Resources
Dan Zitting | LinkedIn | Twitter 
Galvanize
 

Categories
Compliance and Coronavirus

Dan Zitting on Stakeholder Engagement in the Era of Covid-19


Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I am joined by Dan Zitting, Chief Product & Strategy Officer at Galvanize. Dan joins me to discuss issues and challenges around stakeholder engagement brought on by Covid-19.
Some of the highlights include:
·      Role at Galvanize?
·      What does the Galvanize solution bring?
·      What is the HighBond platform and what role does it play?
·      How can these solutions assist a compliance professional?
·      You have said, your “purpose is to “challenge the planet’s organizations to maximize ‘total stakeholder impact’ by operating with a conscience”. What does this mean?
·      How did Galvanize assist , UnitingCare, an Australian largest non-profit health, aged care, disability, and community service providers
 Resources
Check out the Galvanize COVID-19 Toolkit