As noted in my most recent LinkedIn post, 2025 turned out to be an unexpectedly big year for these conversations, with more than one million views and over 200,000 reactions. That level of engagement doesn’t happen by accident. It suggests there’s a deep and growing frustration across the risk, audit, and governance community that something fundamental still isn’t clicking inside corporate boardrooms.
Data is a constant subject of discussion in the context of security. Custody of personal data is heavily regulated, and systems are designed to protect anonymity, even though it can never be fully guaranteed. Security breaches are costly, not only because of the breach itself, but because of the scrutiny and liability that follow. As a result, privacy has increasingly become a value proposition for products and services that collect and retain personal information.
SAP systems store sensitive business data, run mission-critical processes, and ensure that operations continue uninterrupted. However, having the SAP GRC product suite or similar governance, risk, and compliance tools does not cover all aspects of system security. Relying on them to keep you safe is a recipe for infiltration.
This report examines employee perceptions of corporate compliance programs across four countries: the United States, Canada, Germany, and France. Based on survey responses from more than 800 employees across multiple industries, the findings offer a cross-national view of how compliance programs are understood, implemented, and supported, including the growing role of AI.
Ben & Jerry’s is an activist brand. It operates under a unique mission-driven board configuration that sets it apart from most subsidiaries of large corporations. Although owned by Unilever, the company maintains a semi-independent board specifically tasked with safeguarding its social mission, which includes environmental sustainability, human rights, and ethical business practices. This hybrid governance model combines traditional corporate oversight with dedicated representatives who ensure that Ben & Jerry’s activism and ethical commitments remain central to its decision-making. The board includes independent directors, Unilever representatives, employee voices, and social mission advocates, creating a structure designed to balance profitability with purpose, a rare approach in the corporate world.
This article is the first in a short series called Taking Uncertainty Seriously, exploring how risk analysis changes when we stop pretending the future is known and start treating uncertainty as a first-class input to decision-making.
In a recent GRC Report piece, Risk Is Our Business: Why the GRC Market of 2030 Will Look Nothing Like Today, I argued that the governance, risk, and compliance market is not heading into another cycle of incremental change, but a structural break. The core claim was that risk has outgrown the architectures, assumptions, and mental models most GRC platforms and programs still rely on, and AI bolted onto legacy thinking will not save them.