Foreword xiii
Preface xix
Acknowledgments xxiii
Chapter 1: What is GRC, and Why Does It Matter? 1
What is GRC? 2
Why GRC Matters 3
Chapter 2: Culture, the Critical Driver 5
What is Culture? 5
More Cultural Failures 6
Companies That Got It Right 8
Being Legal, Honest, Candid, and . . . 10
Integrity versus Spin 13
Speaking the Same Language 16
Chapter 3: Cost-Effective Compliance Programs 21
The Back-Breaking Costs 22
Beyond the Direct Costs 24
Major Mistakes at Platinum-Branded Companies 24
How Companies Got Where They Are 30
Keys to Getting It Right 31
The Compliance Office 36
Making It Happen 38
The Rewards 39
Chapter 4: Ethics Programs: Another Foundational Block 41
Tone at the Top 42
Problems at Daimler 42
Elements of an Ethics Program 43
Setting the Tone at the Top: Hewlett-Packard 51
Chapter 5: Risk Management and the Financial System's Near Meltdown 59
What Went So Terribly Wrong 59
The Regulatory System 63
Merrill Lynch 65
Where Were the Boards? 68
Did CEOs See It Coming? 70
Chapter 6: What Is Risk Management About? 75
Risk 76
Risk Management 79
Enterprise Risk Management 80
Is It Really Worth the Effort? 85
ERM Application Techniques 88
Key Risk Indicators 91
BP 92
Chapter 7: Implementing ERM 99
Drivers for ERM 99
Pitfalls 102
Effective Implementation 106
Roles and Responsibilities 114
Chapter 8: Does Internal Control Really Matter? 119
Impact of SOX 404 on Financial Reporting 122
Responsibility for SOX 404 124
Other Relevant SOX Provisions 126
Do Effective Financial Reporting Controls Really Prevent Fraudulent Financial Reporting? 127
Real Life in the C-Suite 130
Chapter 9: Control over Operational Performance 133
IT Controls 134
Societe Generale 135
Washington Mutual 139
Countrywide Financial Corporation 143
The Foreclosure Fiasco 144
Chapter 10: Boards of Directors' Focus 153
A Focus on the Rules 155
Truly Effective Boards 156
A Public Watchdog? 158
Societal Responsibility 160
Potential Pitfalls 163
Chapter 11: Overseeing Strategy and Risk Management 169
Strategy 169
Risk Management 173
Chapter 12: CEO Compensation, Succession Planning, and Crisis
Management 185
CEO Compensation 185
Succession Planning 192
Crisis Management 196
Chapter 13: Performance Measurement and Reporting 201
Performance Measures 201
Financial Reporting 205
Chapter 14: Building an Effective Board 219
Looking Objectively 220
A Shift in Direction 221
Building a Better Board 223
Board Assessments 226
Bottom Line 230
Chapter 15: Avoiding Board Pitfalls 231
Following the Herd 231
Obtaining Critical Information 238
A Leaky HP Board 245
Another Leak-What Was He Thinking? 249
Chapter 16: Where the Power Lies 251
A Tug of War 252
Shareholder Activism 252
Recent Achievements 253
Dodd-Frank's Proxy Access 256
Where to Draw the Line 261
Finding the Right Balance 262
Where We Need to Evolve 264
Chapter 17: Structural Issues at the Board 265
Combined versus Separate Chairman and CEO 265
Empowering CEOs in a Shifting Landscape 271
Director Compensation 274
Chapter 18: Looking to the Future 281
New Models for Board Governance 281
A Healthy Governance Environment 285
Boards' Perspectives on Risk 289
Grasping the Holy Grail of Governance 290
What the Future Holds 293
About the Author 299
Index 301