Innovation in Compliance with Tom Fox

Risk Management and Corporate ESG with Dan Zitting



Dan Zitting, previously Chief Product Officer, now holds the title of CEO at Galvanize, a software company that helps its clients achieve their goals and objectives. He is also now the Chief Product Officer of Diligence. Tom Fox welcomes him back to this week’s show to take a look back at the GRC professional's role in corporate ESG and risk management. 


GRC On The Frontline

A company's defenses have to be in the remit of their GRC professional, not left up to the CSO. Dan remarks that while there is engagement by GRC professionals in minimizing company cyber risk, more needs to be done. GRC professionals have to ask themselves if they are managing cyber risk in ways that are helpful to the company's CSOs, by providing tools and resources to support them. "There's still work to be done in making sure that everything we're doing from a policy, controls, and compliance standpoint is actually adding value for the CSO and helping them deploy their programs, as opposed to just feeling like they're being checked on by the police to see if they're doing it right," Dan tells Tom. 


ESG and Investment

Investor dollars are fueling the growth and expansion of ESG and aren't only coming from investment funds anymore. Private equity firms and banks are getting involved. If someone wants to borrow money, insurance companies assess ESG risk as part of their overall risk management strategy. "If companies want to access capital, they need to have an ESG program in place," Tom remarks.


A Role To Play

The best way to get GRC professionals to understand the ownership roles they have to play in ESG, Dan suggests, is to create a center of excellence for ESG. By creating this center and making ESG a business objective, you can then split the responsibilities across the organization. "Splitting the responsibilities across those different lines of defense for those different functions in a way where somebody…can get a combined view of how effective we think we are from an ESG standpoint, should be the goal," Dan adds.


The Importance of Real-Time Reporting

Real-time reporting is the G in ESG. Being able to give an accurate picture of risk to a company's board is intrinsic to ESG, and is vital to acting on those risks efficiently. "Risk professionals too often are asking 'Why don't I have real-time information,' instead of actually being the one out creating it and bringing in the technical skill necessary to be able to analyze data fast enough to get real-time insight," Dan expresses. Governance in the present and future needs to move at a pace faster than it has in the past, in order to report on risks. Being able to point out to the board when governance is failing, so that measures can be implemented, is also extremely important. 


Resources

Dan Zitting | LinkedIn | Twitter 

Galvanize

Diligence


Innovation in Compliance with Tom Fox, by Thomas Fox
