An expert's insider secrets to how successful CEOs and directors
shape, lead, and oversee their organizations to achieve corporate
goals

Governance, Risk Management, and Compliance shows senior
executives and board members how to ensure that their companies
incorporate the necessary processes, organization, and technology
to accomplish strategic goals. Examining how and why some major
companies failed while others continue to grow and prosper, author
and internationally recognized expert Richard Steinberg reveals how
to cultivate a culture, leadership process and infrastructure
toward achieving business objectives and related growth, profit,
and return goals.

* Explains critical factors that make compliance and ethics
programs and risk management processes really work

* Explores the board's role in overseeing corporate strategy,
risk management, CEO compensation, succession planning, crisis
planning, performance measures, board composition, and shareholder
communications

* Highlights for CEOs, senior management teams, and board members
the pitfalls to avoid and what must go right for success

* Outlines the future of corporate governance and what's needed
for continued effectiveness

* Written by well-known corporate governance and risk management
expert Richard Steinberg

Governance, Risk Management, and Compliance lays a sound
foundation and provides critical insights for understanding the
role of governance, risk management, and compliance and its
successful implementation in today's business environment.

RICHARD M. STEINBERG is founder and CEO of Steinberg Governance Advisors, Inc. He is a nationally recognized expert on governance, risk, and control, and advises boards of directors of major multinational, large, and middle-market companies. He is a former senior partner of PricewaterhouseCoopers (PwC) and the leader of its corporate governance advisory practice. As an expert in internal control and risk management, Steinberg served as the lead project partner in developing the Committee of Sponsoring Organizations of the Treadway Commission's (COSO's) Internal Control—Integrated Framework, and led development of COSO's Enterprise Risk Management—Integrated Framework, the landmark reports recognized as standards for effective internal control and risk management. He has been featured on CNBC's Morning Call and Bloomberg TV's Bloomberg on the Markets and The Bloomberg Report; has guest-lectured at leading business schools including Columbia, MIT, and NYU; has been quoted in publications such as BusinessWeek, Fortune, the Wall Street Journal, Dow Jones MarketWatch, CNN Money, and the Financial Times; and is a monthly columnist for Compliance Week.

Zusammenfassung
An expert's insider secrets to how successful CEOs and directors shape, lead, and oversee their organizations to achieve corporate goals

Governance, Risk Management, and Compliance shows senior executives and board members how to ensure that their companies incorporate the necessary processes, organization, and technology to accomplish strategic goals. Examining how and why some major companies failed while others continue to grow and prosper, author and internationally recognized expert Richard Steinberg reveals how to cultivate a culture, leadership process and infrastructure toward achieving business objectives and related growth, profit, and return goals.

• Explains critical factors that make compliance and ethics programs and risk management processes really work
• Explores the board's role in overseeing corporate strategy, risk management, CEO compensation, succession planning, crisis planning, performance measures, board composition, and shareholder communications
• Highlights for CEOs, senior management teams, and board members the pitfalls to avoid and what must go right for success
• Outlines the future of corporate governance and what's needed for continued effectiveness
• Written by well-known corporate governance and risk management expert Richard Steinberg

Governance, Risk Management, and Compliance lays a sound foundation and provides critical insights for understanding the role of governance, risk management, and compliance and its successful implementation in today's business environment.

Foreword xiii

Preface xix

Acknowledgments xxiii

Chapter 1: What is GRC, and Why Does It Matter? 1

What is GRC? 2

Why GRC Matters 3

Chapter 2: Culture, the Critical Driver 5

What is Culture? 5

More Cultural Failures 6

Companies That Got It Right 8

Being Legal, Honest, Candid, and . . . 10

Integrity versus Spin 13

Speaking the Same Language 16

Chapter 3: Cost-Effective Compliance Programs 21

The Back-Breaking Costs 22

Beyond the Direct Costs 24

Major Mistakes at Platinum-Branded Companies 24

How Companies Got Where They Are 30

Keys to Getting It Right 31

The Compliance Office 36

Making It Happen 38

The Rewards 39

Chapter 4: Ethics Programs: Another Foundational Block 41

Tone at the Top 42

Problems at Daimler 42

Elements of an Ethics Program 43

Setting the Tone at the Top: Hewlett-Packard 51

Chapter 5: Risk Management and the Financial System's Near Meltdown 59

What Went So Terribly Wrong 59

The Regulatory System 63

Merrill Lynch 65

Where Were the Boards? 68

Did CEOs See It Coming? 70

Chapter 6: What Is Risk Management About? 75

Risk 76

Risk Management 79

Enterprise Risk Management 80

Is It Really Worth the Effort? 85

ERM Application Techniques 88

Key Risk Indicators 91

BP 92

Chapter 7: Implementing ERM 99

Drivers for ERM 99

Pitfalls 102

Effective Implementation 106

Roles and Responsibilities 114

Chapter 8: Does Internal Control Really Matter? 119

Impact of SOX 404 on Financial Reporting 122

Responsibility for SOX 404 124

Other Relevant SOX Provisions 126

Do Effective Financial Reporting Controls Really Prevent Fraudulent Financial Reporting? 127

Real Life in the C-Suite 130

Chapter 9: Control over Operational Performance 133

IT Controls 134

Société Générale 135

Washington Mutual 139

Countrywide Financial Corporation 143

The Foreclosure Fiasco 144

Chapter 10: Boards of Directors' Focus 153

A Focus on the Rules 155

Truly Effective Boards 156

A Public Watchdog? 158

Societal Responsibility 160

Potential Pitfalls 163

Chapter 11: Overseeing Strategy and Risk Management 169

Strategy 169

Risk Management 173

Chapter 12: CEO Compensation, Succession Planning, and Crisis

Management 185

CEO Compensation 185

Succession Planning 192

Crisis Management 196

Chapter 13: Performance Measurement and Reporting 201

Performance Measures 201

Financial Reporting 205

Chapter 14: Building an Effective Board 219

Looking Objectively 220

A Shift in Direction 221

Building a Better Board 223

Board Assessments 226

Bottom Line 230

Chapter 15: Avoiding Board Pitfalls 231

Following the Herd 231

Obtaining Critical Information 238

A Leaky HP Board 245

Another LeakWhat Was He Thinking? 249

Chapter 16: Where the Power Lies 251

A Tug of War 252