Author: Esme Dyos
-
CoreStream GRC 3.4 Release Notes
Read more: CoreStream GRC 3.4 Release Notes1.0 Document Purpose This document provides a summary of the highlights of the CoreStream GRC Release 3.4 release. Major Platform releases are finalized every 2-3 months depending on client and strategic priorities. These release notes are part of CoreStream GRC’s approach to keeping clients and partners informed of the improvements we are delivering. This document…
-
CoreStream GRC shortlisted in the Women in GRC 2026 Awards
Read more: CoreStream GRC shortlisted in the Women in GRC 2026 AwardsWe’re proud to share that women across the CoreStream GRC community have been shortlisted in 4 categories at the 2026 Women in Governance, Risk, and Compliance Awards. This year’s shortlist reflects something we care deeply about at CoreStream GRC: practical female leadership. The kind that turns complex requirements into working systems, brings clarity to risk…
-
What 2026’s data breach headlines reveal about the limits of data governance software
Read more: What 2026’s data breach headlines reveal about the limits of data governance softwareAs many business leaders will have noticed, data breach headlines have come thick and fast in early 2026, but the bigger story is not just volume. It is pattern. Look across the year’s most visible incidents and the same problem keeps surfacing through different routes. Different sectors, different systems, different immediate causes, but the same…
-
How to identify quick wins in your GRC processes using value‑based analysis – workshop deep dive
Read more: How to identify quick wins in your GRC processes using value‑based analysis – workshop deep diveGovernance, risk, and compliance teams are under pressure to do more with less. Activity is often fragmented across spreadsheets, inboxes, slide decks, and siloed tools. Many teams already know their programs could be improved, but they struggle to define a realistic path forward or work out how to optimize what they already have in a way that…
-
The hidden risks of quick‑fix compliance tools in an era of proof‑based regulation
Read more: The hidden risks of quick‑fix compliance tools in an era of proof‑based regulationRecent reporting suggests compliance leaders are entering a tougher phase. Regulatory fragmentation is pushing businesses away from self-declaration and toward verified data. Meanwhile AI, fraud, and rising complexity are turning compliance into a technology arms race just as already-stretched teams face tighter resources and mounting pressure to move faster. That is exactly why the idea…
-
Audit management software guide: build an audit program you can defend
Read more: Audit management software guide: build an audit program you can defendMost organizations do not struggle because they cannot run an audit. They struggle because audit activity is fragmented, evidence is scattered, ownership is vague, and the same teams get hit with overlapping requests from internal audit, external audit, compliance, regulators, and customers. That is where audit management breaks down. The real issue is rarely whether…
-
AI is redefining third party risk: why your “approved” vendors may no longer be safe storage for data
Read more: AI is redefining third party risk: why your “approved” vendors may no longer be safe storage for dataFor years, vendor risk was treated almost exclusively as a procurement event. You assessed a new provider, negotiated terms, signed the contract and moved on to monitoring. However, that model is starting to break. The real issue now is not just new vendors entering your business ecosystem. Existing vendors are changing underneath you, in unprecedented…
-
Provision 29 compliance, explained: how boards can turn internal controls into a business advantage
Read more: Provision 29 compliance, explained: how boards can turn internal controls into a business advantageProvision 29 has changed the conversation for UK boards. This is no longer about showing you have policies, frameworks and good intentions on paper. It is about whether the board can stand up and say, publicly and with confidence, that the company’s material controls were effective at the balance sheet date, and explain how that conclusion was…
-
Conflict of interest software Request For Proposal template: questions and scoring
Read more: Conflict of interest software Request For Proposal template: questions and scoringEnter your details and we’ll email you the COI RFP template: For a lot of teams, the search for a Conflict of Interest management solution starts because the current process is no longer holding up. Maybe the business has no dedicated system and disclosures are being managed in spreadsheets, email chains, shared folders, or forms that were never designed for sensitive compliance workflows.…
-
Managing third party risk: what modern, risk based due diligence really requires
Read more: Managing third party risk: what modern, risk based due diligence really requiresHow VinciWorks and CoreStream GRC help you build a risk-based, defensible third-party risk management program. If you want a practical, easy to follow walkthrough of how to get third-party risk management right, this webinar is a great place to start. What this webinar is about: connecting Governance, Risk and Compliance (GRC) with smarter third-party due…