How Good is your GRC?: Twelve Questions to Guide Executives, Boards, and Practitioners - Softcover

Norman Marks has been recognized for his thought leadership around GRC (honored as a Fellow of the Open Compliance and Ethics Group), risk management (as an Honorary Fellow of the Institute of Risk Management), and internal audit. Norman has written extensively about GRC, what it is and what it is not. In this book, he shares his views on what GRC really is, why it is important to any organization, and how boards, executives, and internal audit practitioners can assess its effectiveness. The book discusses 12 questions that strike to the heart of GRC, such as "Are goals and strategies to achieve them clearly established and communicated across the organization, so that there are common goals and objectives?", "Does the organization work in harmony, sharing information and working towards shared goals?", and "Is there integration between strategy-setting and risk, performance management and risk, budget and strategy, strategy and compliance, etc.?"

Norman Marks, CPA, CRMA is an evangelist for “better run business”, focusing on corporate governance, risk management, internal audit, enterprise performance, and the value of information. He is also a mentor to individuals and organizations around the world. Norman was the chief audit executive of major global corporations for twenty years and is a globally-recognized thought leader in the professions of internal auditing and risk management. In addition, he has served as chief risk officer, compliance officer, and ethics officer, and managed what would now be called the IT governance function (information security, contingency planning, methodologies, standards, etc.) He ran the Sarbanes-Oxley Section 404 (SOX) programs and investigation units at several companies. He is the author of the Institute of Internal Auditors’ “Management’s Guide to Sarbanes-Oxley Section 404: Maximize Value Within Your Organization”), which has been described as “the best Sarbanes-Oxley 404 guide out there for management”. Norman is a member of the review boards of several audit and risk management publications (including the magazines of ISACA and the IIA), a frequent speaker internationally, the author of multiple award-winning articles, and a prolific blogger about better run business (consistently rating as one of the top global influencers in social media on the topics of GRC, internal audit, risk management, and governance). Norman was profiled in publications of the AICPA and the IIA as an innovative and successful internal auditing leader. He has also been honored as a Fellow of the Open Compliance and Ethics Group for his GRC thought leadership, and as an Honorary Fellow of the Institute of Risk Management for his contributions to risk management.