James Bone’s career has spanned 29 years of management, financial services and regulatory compliance risk experience with Frito-Lay, Inc., Abbot Labs, Merrill Lynch, and Fidelity Investments. James founded Global Compliance Associates, LLC and TheGRCBlueBook in 2009 to consult with global professional services firms, private equity investors, and risk and compliance professionals seeking insights in governance, risk and compliance (“GRC”) leading practices and best in class vendors.
James is a frequent speaker at industry conferences and contributing writer for Compliance Week and Corporate Compliance Insights and serves as faculty presenter and independent consultant for several global consulting firms specializing in governance, risk and compliance, IT compliance and the GRC vendor market. James created TheGRCBlueBook.com to provide risk and compliance professionals with transparency into the GRC vendor marketplace by creating a forum for writing reviews on GRC products and sharing success stories on the risk practices that are most effective.
James is currently attending Harvard Extension School for a Master of Arts in Management with an emphasis in accounting and finance. James received an honorary PhD in Letters from Drury University in Springfield, Missouri and is a member of the Breech Business School Hall of Fame as well as the Missouri Sports Hall of Fame. Having graduated from the Boston University Graduate School of Education, James received his M.Ed. in Management and Organizational Design in 1997 and a Bachelor of Arts in Business Administration from Drury University in 1980.
The five pillars of the cognitive risk framework (CRF) are designed to provide a 3D view of enterprise risks. James Bone details here additional levers of risk governance in the final three pillars of the CRF. In earlier installments, James discussed the first pillar of the Cognitive Risk Framework (CRF), cognitive governance; the five principles undergirding cognitive governance; and the second pillar,...
Read more
Cognitive governance is the first of five pillars making up the cognitive risk framework; the second is intentional control design. James Bone discusses chief considerations around intentional design. The five pillars of a cognitive risk framework are designed to provide a three-dimensional view of enterprise risks. In the last installment, cognitive governance (CogGov) was introduced as the first pillar. Its five disciplines...
Read more
James Bone explores cognitive governance, the first pillar of the cognitive risk framework, and the five principles that drive the framework to simplify risk governance, add new rigor to risk assessment and empower every level of the organization with situational awareness to manage risk with the right tools. The three lines of defense (3LoD), or more specifically, risk governance is being rethought...
Read more
Cognitive governance is a radical departure from traditional risk management. James Bone explains the benefits and how the former complements the latter. After the 2008 reckoning of the Great Recession and a 60 percent decline in market value, I became redundant and soon began to question the failings of risk management as a discipline and my own skills as a risk professional....
Read more
As we move into the 4th Industrial Revolution (4IR), risk management is poised to undergo a significant shift. James Bone asks whether traditional risk management is keeping pace. (Hint: it’s not.) What’s really needed is a new approach to thinking about risks. Framing the problem Organizations, generally speaking, have one foot firmly planted in the 19th century and the other foot racing...
Read more
The audit profession is facing unprecedented demands, but there are a host of tools available to help. James Bone outlines the benefits to automating audit tasks.
Read more
The Danger – and Simplicity – of Cognitive Attacks The allegations of Russian influence on the 2016 election have been in the news for months. President Trump has claimed that Russian meddling was a hoax, but according to the Mueller investigation, that’s been proven false. While the Russians didn’t hack into polling systems, they did employ a different kind of attack: a...
Read more
The Driver Behind Enterprise Situational Awareness Intelligent automation is an emerging solution to enable intelligent decision-making at the strategic level, but it doesn’t necessarily have to be complex or require cumbersome new infrastructure. In fact, since overly complicated approaches to intelligent automation tend to result in project failure, simplicity may be the order of the day. “Intelligent Automation” is such a new...
Read more
Creating Situational Awareness Several prominent Wall Street firms are transitioning to a cognitive risk management environment. The changes they’ve made are significant, but there’s still work to be done. James Bone asserts that a more comprehensive approach is needed: one that includes intentional control design and machine learning – technology to help humans become more productive. In my previous articles, I introduced...
Read more
Musings of a Cognitive Risk Manager To drive change, you need buy-in, and to achieve buy-in, your people need to know the “why” behind the change. This is the premise behind cognitive risk governance, the “designer” of human-centered risk management. James Bone, author of Cognitive Hack: The New Battleground in Cybersecurity…the Human Mind, further explains the cogrisk framework. In my last article,...
Read more
Risk management has undergone a sea change over the past few decades, yet risk management practices have evolved very little. scarcely evolved to keep pace. Though organizations enjoy robust technological capabilities, they grow more fragile and vulnerable to massive systemic risks all the time. A risk program centered on human behavior and decision-making.
Read more
You don’t have to look far for examples of cognitive hacking. Unfortunately, the evidence is virtually everywhere. Many believe cognitive hacking led to Donald Trump winning the presidential election. James Bone cautions that security professionals should become intimately familiar with cognitive hacks, how they work and what can be done to protect against them. Much is at stake.
Read more
