GRC blogs
Explore our blogs for expert insights, industry updates, and practical guidance
Designed to challenge ways of thinking and help your enterprise excel in GRC.

-

Gifts and Entertainment software RFP template: questions and scoring
Enter your details and we’ll email you the G&E RFP template: From talking with our expert community, we know that for a lot of teams, the search for gifts and entertainment software starts when the current process stops feeling defensible. Maybe declarations still sit across email chains, spreadsheets, shared folders, or basic forms that were never built for sensitive compliance…
-

The value-based guide to GDPR: EU and UK privacy compliance optimization
At its best, General Data Protection Regulation (GDPR) was never meant to be a paperwork regime. It was meant to change behavior. GDPR is a framework for making better decisions about data, proving accountability, reducing operational confusion, building trust, and protecting the business as it grows. That is the part too many organizations still miss…
-

Intelligence‑first GRC: the AI webinar every risk & compliance leader should watch
Date: Monday 20th April 2026. Time: 4 PM CET / 3 PM BST / 10 AM EST. Speakers: SANNOS’ CEO and CoreStream GRC’s GRC Strategy Director. 97% of GRC professionals report using AI to streamline compliance and risk processes. But in the race to keep up, Artificial Intelligence has often been bolted onto existing tools…
-

How to identify quick wins in your GRC processes using value‑based analysis – workshop deep dive
Governance, risk, and compliance teams are under pressure to do more with less. Activity is often fragmented across spreadsheets, inboxes, slide decks, and siloed tools. Many teams already know their programs could be improved, but they struggle to define a realistic path forward or work out how to optimize what they already have in a way that…
-

Audit management software guide: build an audit program you can defend
Most organizations do not struggle because they cannot run an audit. They struggle because audit activity is fragmented, evidence is scattered, ownership is vague, and the same teams get hit with overlapping requests from internal audit, external audit, compliance, regulators, and customers. That is where audit management breaks down. The real issue is rarely whether…
-

Provision 29 compliance, explained: how boards can turn internal controls into a business advantage
Provision 29 has changed the conversation for UK boards. This is no longer about showing you have policies, frameworks and good intentions on paper. It is about whether the board can stand up and say, publicly and with confidence, that the company’s material controls were effective at the balance sheet date, and explain how that conclusion was…
-

Conflict of interest software Request For Proposal template: questions and scoring
Enter your details and we’ll email you the COI RFP template: For a lot of teams, the search for a Conflict of Interest management solution starts because the current process is no longer holding up. Maybe the business has no dedicated system and disclosures are being managed in spreadsheets, email chains, shared folders, or forms that were never designed for sensitive compliance workflows.…
-

Managing third party risk: what modern, risk based due diligence really requires
How VinciWorks and CoreStream GRC help you build a risk-based, defensible third-party risk management program. If you want a practical, easy to follow walkthrough of how to get third-party risk management right, this webinar is a great place to start. What this webinar is about: connecting Governance, Risk and Compliance (GRC) with smarter third-party due…
-

Designing your dream GRC home part 6: growth & adaptability that last
By Head of Client Solution Design, Lionel Matsuya. Over the years advising organizations on risk and control design, I have seen a consistent pattern. GRC frameworks and solutions are implemented thoughtfully and with real commitment. For a time, they work well: reporting is clear, ownership is understood, and assurance has structure. Then the organization changes, and the GRC platform can’t keep up. Growth introduces…
-

How ISO 31000 makes your business faster, more confident, and more competitive
“ISO 31000 is an international standard that provides principles and guidelines for risk management. It outlines a comprehensive approach to identifying, analyzing, evaluating, treating, monitoring and communicating risks across an organization.” International Standard on Governance of Organizations (ISO) ISO frames risk as the “effect of uncertainty on objectives.” That is a big shift from the traditional approach of asking “what…
Discover our case studies
The success stories of flexible intuitive GRC technology
-

CASE STUDY: Implementation success story
Raising the bar on Conflict of Interest management: CoreStream GRC’s high quality implementation services success story

Everyone’s heard the horror stories of GRC implementations that drag on for months, sometimes years, with personnel moving in and out as people leave before the project is done. It’s no wonder risk and compliance teams cling to the devil they know. The fear of scope creep, decision paralysis, slipping timelines, and sheer…
-

CASE STUDY: Pool Re
From constraint to control: how CoreStream GRC transformed risk management at Pool Re

About Pool Re

Pool Re is the UK’s largest terrorism reinsurer, trusted by over 150 insurers and globally recognized as the leading experts in terrorism risk financing. Their mission is to provide financial protection against the risk of terrorism and, in so…
-

GUIDE: Value-based compliance culture
Practical guide to implementing value-based compliance for cultural change

This is a practical guide to implementing value-based compliance for real cultural change. Not the “annual training and hope for the best” version. The kind where people make the right call when no one is watching, and you can prove it without a spreadsheet scavenger hunt.…