• Governance and risk

    Governance and risk

    What is governance and risk? Governance and risk describes how an organization directs, oversees, and makes decisions about uncertainty. Governance sets the structure for decision-making, accountability, reporting, oversight, and challenge. Risk management helps the organization understand what could affect its objectives, how serious those risks are, who owns them, and what action is needed. In…

  • What is Risky Women? Key insights from the Spotlight on Women in GRC podcast  

    What is Risky Women? Key insights from the Spotlight on Women in GRC podcast  

    In a special edition of the Spotlight on Women in GRC podcast, we spoke to Chief Risky Woman and founder of Risky Women, Kimberley Cole about the community she created back in 2014, which has since become a global network, and a real-time indicator of where GRC is heading next.  What is Risky Women and why do we need…

  • Inside the 2026 Women in GRC Awards: recognition, representation and the future of GRC

    Inside the 2026 Women in GRC Awards: recognition, representation and the future of GRC

    The 2026 Women in GRC Awards brought together a community of leaders, rising stars and allies to celebrate the people shaping the future of governance, risk and compliance. As headline sponsor, CoreStream GRC was proud to support an evening focused on recognition, representation and the power of keeping the conversation going long after the awards…

  • When the US government switched off AI: what the Anthropic shutdown means for your GRC program 

    When the US government switched off AI: what the Anthropic shutdown means for your GRC program 

    Key takeaways  Introduction: for many businesses the lights went out when the US government enforced AI restrictions   Picture this: it’s the morning of 13 June 2026 and the compliance team at a mid-sized, European financial services business opens their AI-assisted regulatory monitoring tool – the one they recently rolled out, that surfaces horizon risk items and flags policy changes across five jurisdictions. It is offline, with no warning email, no estimated time of restoration and, critically, no fallback. …

  • Spotlight on Women in GRC: VP Compliance and MLRO on financial crime, AI and sponsorship 

    Spotlight on Women in GRC: VP Compliance and MLRO on financial crime, AI and sponsorship 

    Key takeaways  In this episode of CoreStream GRC’s Spotlight on Women in GRC podcast, Lucy Montague speaks with Jaypee Soule, VP Compliance and MLRO at PensionBee.  Jaypee’s route into governance, risk and compliance is grounded in values: integrity, fairness, investigation and the desire to help organizations do things properly.   The conversation explores:  The message is clear: the next era of…

  • Controls management: how to prove value, not just activity  

    Controls management: how to prove value, not just activity  

    Key takeaways  Introduction: why controls management needs to move beyond activity  Most organizations have controls in place. That is not the hard part.  The harder question is whether those controls are effective, current, owned by the right people, supported by evidence and connected to the risks that matter most. This is the proof burden now sitting behind…