The GRC landscape is changing at a pace that many, including professionals in the industry, are finding it difficult to keep up with. New regulations (like GDPR), cybersecurity threats and the importance of data governance and privacy have created new challenges that GRC and internal audit professionals must solve rapidly. At the same time, they must also stay on top of their current job duties, leaving little time to keep abreast of the latest regulatory changes, GRC resources and tools, and events that can help them grow in their role.
As a former director at KPMG, I know how busy it can be for those in audit and GRC roles, which is why I created this list of experts to follow in the coming year. These five experts are not featured based on how many followers they have, but on the value of their insights and content for GRC and audit professionals. Here are the GRC/audit experts to follow in 2019:
Norman Marks, CPA, CRMA
Norman Marks is a globally-recognized thought leader in internal audit with years of experience in GRC as a former chief risk officer and chief compliance officer. He has spent years managing IT security and governance functions and has run the Sarbanes-Oxley Section 404 (SOX) programs at several companies. He’s written several books on GRC, risk management and auditing, and is currently a Fellow for the Open Compliance and Ethics Group (OCEG) and an Honorary Fellow for the Institute of Risk Management.
Richard Chambers, CIA, QIAL, CGAP, CCSA, CRMA
Richard Chambers is president and CEO of The Institute of Internal Auditors (IIA), the global professional association and standard-setting body for internal auditors. His insights on the internal audit function are widely admired and often shared on his executive blog series: “Chambers on the Profession.” With 40 years of experience in internal audit, he serves on the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Board of Directors, the International Integrated Reporting Council (IIRC) and The IIA Board of Directors.
Michael Rasmussen, GRCP, CCEP, CISSP
Michael Rasmussen is an internationally recognized pundit on Governance, Risk Management and Compliance (GRC). He currently leads GRC 20/20 Research, a consultancy firm he founded that helps companies navigate GRC technologies, strategies and challenges. With over 25 years of experience, he often speaks, writes and advises on GRC, and is noted as the “Father of GRC.” He currently serves on the Leadership Council of the OCEG and chairs the OCEG Technology Council, OCEG Policy Management Group, and the OCEG GRC Architect Group. He also is an Honorary Life Member in The Institute of Risk Management.
Matt Kelly is compliance consultant and long-time writer and observer of corporate compliance and GRC. He currently runs his own compliance and GRC blog, Radical Compliance, after 13 years of serving as a writer, editor-in-chief and publisher at Compliance Week. He also speaks on internal audit and GRC and occasionally does private research projects or works with compliance-related nonprofits.
Joseph McCafferty is a long-time writer and editor of business topics, specifically internal audit and compliance. He currently is the editor and publisher of Internal Audit 360°, a site that covers news, analysis, insight and ideas for internal audit professionals. His breadth of expertise stems from his time as the Director of Audit Content at the MIS Training Institute, which specializes in internal audit training, and as a former editor at Compliance Week and CFO.com.