Author: corestream-adm
-
Why easy login can create risk in GRC and Conflict of Interest systems
Read more: Why easy login can create risk in GRC and Conflict of Interest systemsBy Mike VidoniSenior GRC Client Executive & Customer Success, CoreStream GRC Key takeaways Introduction: When does convenience become a control weakness? GRC teams need people to use their systems. A Conflict of Interest process cannot work properly if employees, or board members struggle to complete disclosures because the process is unnecessarily complicated. But login design is not simply a usability decision. It…
-
What is ISO 27001? A practical guide to information security management
Read more: What is ISO 27001? A practical guide to information security managementAbstract ISO 27001 gives organizations a structured way to manage information security risk. But for many teams, the real challenge is not understanding the standard. It is maintaining the evidence, ownership and control visibility needed to prove the system works. This guide should explain what ISO 27001 is, why it matters, how certification works, what Annex A controls cover, and why…
-
World Cup stadium strike was narrowly averted: how resilient are your critical suppliers?
Read more: World Cup stadium strike was narrowly averted: how resilient are your critical suppliers?Key takeaways Introduction: What happened at the 2026 World Cup? Days before the World Cup began, a supplier issue at one of the tournament’s highest-profile venues was narrowly avoided. Reuters reported that a union representing around 2,000 food and beverage workers at SoFi Stadium reached a tentative agreement with Legends Hospitality only days before the tournament. AP described the agreement as averting a…
-
Is the vendor risk assessment dead?
Read more: Is the vendor risk assessment dead?Is the traditional vendor questionnaire still fit for purpose? Imagine beginning a vendor assessment without sending another 200-question form. Before contacting the third party, you already understand who the organization is, who sits behind it, and whether there are public risk signals that warrant closer attention. You can ask the vendor for the evidence it already holds, identify the gaps that…
-
Governance structure
Read more: Governance structureWhat is a governance structure? A governance structure is the way an organization organizes authority, oversight, accountability, and decision-making. It explains who has the power to decide, who needs to approve, who must be consulted, what gets escalated, and how leadership can see whether the organization is operating in line with its objectives. In GRC, a governance structure matters…
-
Governance framework
Read more: Governance frameworkWhat is a governance framework? A governance framework is the structure an organization uses to guide decision-making, assign accountability, manage oversight, and demonstrate how governance works in practice. It sets out who has authority, which decisions require approval, how issues are escalated, and how governance activity is monitored and reported. In governance, risk and compliance (GRC), a clear governance…
-
Governance
Read more: GovernanceWhat is governance? Governance is the system an organization uses to direct decisions, oversee performance, assign authority, and hold people accountable. It sets the rules for who can decide, who needs to approve, what evidence must be kept, and how leadership can see whether the organization is acting in line with its purpose. In governance, risk, and compliance, governance…
-
Good governance
Read more: Good governanceWhat is good governance? Good governance is governance that works in practice. It means an organization is directed, overseen, and held accountable in a way that is clear, fair, responsible, and effective. UN ESCAP describes good governance as having 8 major characteristics: “participatory, consensus oriented, accountable, transparent, responsive, effective and efficient, equitable and inclusive and…
-
Spotlight on Women in GRC: Former Head of Internal Financial Controls on AI, leadership & work-life balance
Read more: Spotlight on Women in GRC: Former Head of Internal Financial Controls on AI, leadership & work-life balanceTo countdown to the Women in GRC Awards on 2 July 2026, we are running a podcast series, “Spotlight on Women in GRC”. In this episode, CoreSream GRC’s Head of Marketing, Lucy Montague sits down with Nikki Absolom, Tax Technology and Transformation Lead at IVC Evidensia, former Head of Controls at Pets at Home, and an Independent Board…
-
CoreStream GRC 3.5 Release Notes
Read more: CoreStream GRC 3.5 Release Notes1.0 Document purpose This document provides a summary of the highlights of the CoreStream GRC Release 3.5 release. Major Platform releases are finalized every 2-3 months depending on client and strategic priorities. These release notes are part of CoreStream GRC’s approach to keeping clients and partners informed of the improvements we are delivering. This document summarizes the key user stories and issue fixes, categorized in the following ways,…