James Bone

James Bone’s career has spanned 29 years of management, financial services and regulatory compliance risk experience with Frito-Lay, Inc., Abbot Labs, Merrill Lynch, and Fidelity Investments. James founded Global Compliance Associates, LLC and TheGRCBlueBook in 2009 to consult with global professional services firms, private equity investors, and risk and compliance professionals seeking insights in governance, risk and compliance (“GRC”) leading practices and best in class vendors.
James is a frequent speaker at industry conferences and contributing writer for Compliance Week and Corporate Compliance Insights and serves as faculty presenter and independent consultant for several global consulting firms specializing in governance, risk and compliance, IT compliance and the GRC vendor market. James created TheGRCBlueBook.com to provide risk and compliance professionals with transparency into the GRC vendor marketplace by creating a forum for writing reviews on GRC products and sharing success stories on the risk practices that are most effective.

James is currently attending Harvard Extension School for a Master of Arts in Management with an emphasis in accounting and finance. James received an honorary PhD in Letters from Drury University in Springfield, Missouri and is a member of the Breech Business School Hall of Fame as well as the Missouri Sports Hall of Fame. Having graduated from the Boston University Graduate School of Education, James received his M.Ed. in Management and Organizational Design in 1997 and a Bachelor of Arts in Business Administration from Drury University in 1980.


Audit could avoid huge operational losses by automating key internal controls

The interaction between audit committees and management can be frustrating. Audit presents identified risks, and leaders want context. Management doesn’t want to be seen as uncooperative, but even the slightest push back can be perceived that way. Poor internal control design may be the driving force behind this ongoing debate.

Read more
Outrageous Compliance

Risk and compliance self-assessments aren’t the truest indicators of actual risk exposure. So you could say there’s an inherent risk in performing a risk self-assessment. Not only is there no real science behind them, the outcome of an RCSA is entirely subject to one’s memory. A self-assessment can be a good jumping-off point, but it can’t be your sole method of understanding...

Read more
Terrorism – A Tectonic Shift?

The violence perpetrated on innocent civilians in Paris last week stunned the world. Unfortunately, these acts of terrorism have become far more frequent in recent years. Consequently, the conversation around risk management is shifting. How do we -- as professionals charged with minimizing risk -- respond when the unthinkable happens?

Read more
Meet R.I.S.K.: Why Your Next Chief Risk Officer Will Be a “Smart” Robot

The CRO of the Future is almost here. James Bone posits that before long, risk management professionals may be replaced by various “risk intelligent systems knowledgeware,” or RISK, able to process volumes of data in an instant, detect threats and respond to them just as quickly. Technology advances at breakneck speed, and so does our dependence on it to manage enterprise risk.

Read more
Blackstone Group: Riddle of Ethical Dilemmas

Ethics and success aren't mutually exclusive terms. We know this, and yet firms still cut corners. We've become so accustomed to the misbehavior of financial services firms we're no longer shocked by it; their misconduct has become routine. Expected even. James Bone discusses the dilemma of mitigating conduct risk when it feels good to be bad.

Read more
Volkswagen – The Cost of Deception

Volkswagen, a long-trusted and highly respected brand, will be dealing with the fallout of its emission scandal for quite some time. It's clear to everyone that their massive deception is inexcusable, but we'd do well to remember that the hugest transgressions happen one failure in decision making at a time. Volkswagen's was likely born out of panic.

Read more
Risk Has a Shape

Managing risk effectively requires first an understanding of the risk that needs managing. It sounds so elementary, but there's often a great deal of uncertainty about what an organization's risks actually look like. It's no wonder why risk management programs fail. Fortunately, there are a host of ERM tools that can help to bridge this gap.

Read more
risk in miscalculation

COSO's Enterprise Risk Management Integrated Framework has become something it was never intended to be; as a risk management standard, it fails for at once being too broad (robust risk management programs would be far more effective) and too narrow (in its focus on internal controls as the primary risk management tool). It's time to adopt a multidisciplinary approach.

Read more
Adversity – Lessons of a Tulip

The tulip was the source of what's widely believed to have been the first speculative bubble, and like all bubbles, it eventually burst. That crisis was not unlike the collapse of the dot-com bubble -- rational behavior was replaced by "irrational exuberance." Effective risk management means being wary of an overvalued market and accounting for human emotion in the pursuit of financial...

Read more
FIFA: A Lesson in Corporate Governance

Overly complicated systems aren't necessarily superior to more simplistic ones. Take FIFA's matrix for determining team ranking, for example. It takes either a lifelong, die hard fan to understand it or an advanced degree in math. It could be argued, in fact, that unnecessarily complex systems simply serve to distract attention from what's really going on.

Read more
Page 3 of 4 1 2 3 4

Special Coverage

Special COVID page graphic