Governance, Risk Management, and Compliance (Hardcover)

Foreword xiii

Preface xix

Acknowledgments xxiii

Chapter 1: What Is GRC, and Why Does It Matter? 1

What Is GRC? 2

Why GRC Matters 3

Chapter 2: Culture, the Critical Driver 5

What Is Culture? 5

More Cultural Failures 6

Companies That Got It Right 8

Being Legal, Honest, Candid, and . . . 10

Integrity versus Spin 13

Speaking the Same Language 16

Chapter 3: Cost-Effective Compliance Programs 21

The Back-Breaking Costs 22

Beyond the Direct Costs 24

Major Mistakes at Platinum-Branded Companies 24

How Companies Got Where They Are 30

Keys to Getting It Right 31

The Compliance Office 36

Making It Happen 38

The Rewards 39

Chapter 4: Ethics Programs: Another Foundational Block 41

Tone at the Top 42

Problems at Daimler 42

Elements of an Ethics Program 43

Setting the Tone at the Top: Hewlett-Packard 51

Chapter 5: Risk Management and the Financial System’s Near Meltdown 59

What Went So Terribly Wrong 59

The Regulatory System 63

Merrill Lynch 65

Where Were the Boards? 68

Did CEOs See It Coming? 70

Chapter 6: What Is Risk Management About? 75

Risk 76

Risk Management 79

Enterprise Risk Management 80

Is It Really Worth the Effort? 85

ERM Application Techniques 88

Key Risk Indicators 91

BP 92

Chapter 7: Implementing ERM 99

Drivers for ERM 99

Pitfalls 102

Effective Implementation 106

Roles and Responsibilities 114

Chapter 8: Does Internal Control Really Matter? 119

Impact of SOX 404 on Financial Reporting 122

Responsibility for SOX 404 124

Other Relevant SOX Provisions 126

Do Effective Financial Reporting Controls Really Prevent Fraudulent Financial Reporting? 127

Real Life in the C-Suite 130

Chapter 9: Control over Operational Performance 133

IT Controls 134

Société Générale 135

Washington Mutual 139

Countrywide Financial Corporation 143

The Foreclosure Fiasco 144

Chapter 10: Boards of Directors’ Focus 153

A Focus on the Rules 155

Truly Effective Boards 156

A Public Watchdog? 158

Societal Responsibility 160

Potential Pitfalls 163

Chapter 11: Overseeing Strategy and Risk Management 169

Strategy 169

Risk Management 173

Chapter 12: CEO Compensation, Succession Planning, and Crisis Management 185

CEO Compensation 185

Succession Planning 192

Crisis Management 196

Chapter 13: Performance Measurement and Reporting 201

Performance Measures 201

Financial Reporting 205

Chapter 14: Building an Effective Board 219

Looking Objectively 220

A Shift in Direction 221

Building a Better Board 223

Board Assessments 226

Bottom Line 230

Chapter 15: Avoiding Board Pitfalls 231

Following the Herd 231

Obtaining Critical Information 238

A Leaky HP Board 245

Another Leak—What Was He Thinking? 249

Chapter 16: Where the Power Lies 251

A Tug of War 252

Shareholder Activism 252

Recent Achievements 253

Dodd-Frank’s Proxy Access 256

Where to Draw the Line 261

Finding the Right Balance 262

Where We Need to Evolve 264

Chapter 17: Structural Issues at the Board 265

Combined versus Separate Chairman and CEO 265

Empowering CEOs in a Shifting Landscape 271

Director Compensation 274

Chapter 18: Looking to the Future 281

New Models for Board Governance 281

A Healthy Governance Environment 285

Boards’ Perspectives on Risk 289

Grasping the Holy Grail of Governance 290

What the Future Holds 293

About the Author 299

Index 301