GRC blogs
Explore our blogs for expert insights, industry updates, and practical guidance
Designed to challenge ways of thinking and help your enterprise excel in GRC.
-
Third-Party Risk Management software RFP template: questions and scoring
Read more: Third-Party Risk Management software RFP template: questions and scoringEnter your details and we’ll email you the Third Party Risk RFP template: For a lot of organizations, the search for Third-Party Risk Management software starts when the current process stops giving the team a reliable view of risk. Maybe supplier onboarding still runs through email chains, spreadsheets, shared folders, and disconnected questionnaires. Maybe due diligence happens before…
-
Spotlight on Women in GRC: Senior Risk Officer from the banking sector on AI, risk reporting & TPRM
Read more: Spotlight on Women in GRC: Senior Risk Officer from the banking sector on AI, risk reporting & TPRMIn advance of the Women in GRC Awards on 2 July 2026, we are running a podcast series, “Spotlight on Women in GRC”. In this episode, CoreStream GRC Head of Marketing Lucy Montague sits down with Rita Parmar, a Senior Risk Officer with vast experience across the finance sector. As well as Sarbanes-Oxley compliance, governance, regulatory reporting, and non-financial risk. The discussion explores; Rita also shares her…
-
Policy Management software RFP template: questions and scoring
Read more: Policy Management software RFP template: questions and scoringEnter your details and we’ll email you the Policy RFP template: Why do organizations invest in Policy Management software? For many organizations, policy management starts with shared drives, document repositories, spreadsheets, and email-based approvals. While these approaches may work initially, they often become harder to manage as the business grows and compliance requirements increase. The challenge is…
-
Michael Rasmussen podcast with Richard Eddolls: why CoreStream GRC focuses on value-based GRC technology
Read more: Michael Rasmussen podcast with Richard Eddolls: why CoreStream GRC focuses on value-based GRC technologySpeakers: Michael Rasmussen, GRC 20/20, and Richard Eddolls, Co-Founder and Chief Product Officer, CoreStream GRC In this episode of The Hitchhiker’s Guide in the GRC Technology Galaxy, Michael Rasmussen returned to CoreStream GRC’s London office to speak with Richard Eddolls, Co-Founder and Chief Product Officer at CoreStream GRC. The conversation explored the origins of CoreStream GRC, why flexibility and usability still matter in enterprise…
-
5 overlooked retail GRC risks senior leaders should be watching
Read more: 5 overlooked retail GRC risks senior leaders should be watchingKey takeaways Retail leaders are focused on growth, margin, resilience, customer trust and operational performance. For GRC teams to add real value, they need to connect risk and controls to those outcomes, not manage them in isolation. Recent retail examples show why this matters. Lindsay Haselhurst, Chief Operating Officer at Currys, said retail crime statistics “make for difficult reading”, but the…
-
Spotlight on Women in GRC: Risk Director on AI, trust & career paths
Read more: Spotlight on Women in GRC: Risk Director on AI, trust & career pathsIn anticipation for the Women in GRC Awards on 2nd July 2026, we’re running a podcast series “Spotlight on Women in GRC”. In this first episode, Head of Marketing, Lucy Montague of CoreStream GRC sits down with Lauren de Thibault, a Risk Director at a leading global telecommunications company and previous Women in GRC Award winner, and shares how a career spanning law, compliance, governance and risk shaped her leadership style. The…
-
What is the Secure Controls Framework and why does it matter for compliance?
Read more: What is the Secure Controls Framework and why does it matter for compliance?Key takeaways Compliance teams are not short of frameworks. They are short of time, clarity and defensible evidence. The Secure Controls Framework, or SCF, is designed to reduce duplication by consolidating 200+ laws, regulations and frameworks into a single control architecture. SCF covers 1,400+ controls across 33 domains, giving organizations a clearer way to understand…
-
Why GRC platforms need to keep pace with business change
Read more: Why GRC platforms need to keep pace with business changeA GRC platform should not only reflect how your business worked on day 1. It should reflect how your business works now and into the future. Contracts change. Ownership models shift. Reporting lines move. New teams come into scope. New obligations appear. Historic records still matter, but they should not make live work harder to…
-
EHS, ESG and GRC: why sustainability compliance now belongs at the heart of risk
Read more: EHS, ESG and GRC: why sustainability compliance now belongs at the heart of riskHow Enhesa and CoreStream GRC GRC help you turn EHS and sustainability pressure into a joined up, defensible GRC program If you want to see how leading organizations are folding EHS and ESG into their core GRC framework, this is the place to start. 1. Integrating Environment, Health & Safety (EHS), Environmental, Social, and Governance…
-
Effective AI-enabled GRC: how to implement trusted, verified AI into risk and compliance
Read more: Effective AI-enabled GRC: how to implement trusted, verified AI into risk and complianceAbstract AI has moved quickly from boardroom curiosity to operational pressure. GRC teams are being asked to reduce manual work, strengthen assurance, and do more with the same headcount. The problem is that generic AI can sound right while producing outputs that are hard to evidence, hard to explain, and impossible to defend in front…
Ready to speak to our experts?
Discover our case studies
The success stories of flexible intuitive GRC technology
-
CASE STUDY: Implementation success story
Raising the bar on Conflict of Interest management: CoreStream GRC’s high quality implementation services success story Everyone’s heard the horror stories of GRC implementations that drag on for months, sometimes years, with personnel moving in and out as people leave before the project is done. It’s no wonder risk and compliance teams cling to the devil they know. The fear of scope creep, decision paralysis, slipping timelines, and sheer…
-
CASE STUDY: Wood Group
Simplifying global audit management with CoreStream GRC Key takeaways Wood is a global engineering and operations business with around 35,000 people across 60 countries. After a major acquisition, its assurance, action tracking and non-conformance processes were spread across around 45 different systems: “We found we had somewhere in the region of 45 action tracking systems. They ranged from HTML to SharePoint…
-
CASE STUDY: COI GRC 2020 solution perspective
The client stories behind Michael Rasmussen’s Conflict of Interest Management solution perspective for CoreStream GRC Introduction Michael Rasmussen, globally recognized GRC thought leader and former Forrester analyst who originally defined the Governance, Risk, and Compliance market, recently drafted his perspective on CoreStream GRC’s conflict of interest solution. For this analysis, Michael engaged with 3 organizations actively using the CoreStream GRC platform to manage conflicts of interest. While operating in…
Ready to upgrade your GRC tech?
Contact the team and request your demo today.
This form may not be visible due to adblockers, or JavaScript not being enabled.