Norman Marks
CONTRIBUTING AUTHOR
San Francisco
COVERS
GRC, Records Managment, Information Management
Norman Marks, CPA, CRMA is an evangelist for “better run business,” focusing on corporate governance, risk management, internal audit, enterprise performance, and the value of information. He is also a mentor to individuals and organizations around the world, the author of World-Class Risk Management and publishes regularly on his own blog.
Norman was the chief audit executive of major global corporations for 20 years and is a globally-recognized thought leader in the professions of internal auditing and risk management. In addition, he has served as chief risk officer, compliance officer, and ethics officer, and managed what would now be called the IT governance function (information security, contingency planning, methodologies, standards, etc.) He ran the Sarbanes-Oxley Section 404 (SOX) programs and investigation units at several companies.
He is the author of the Institute of Internal Auditors’ “Minimize Costs & Increase the Value of Your Sarbanes-Oxley 404 Program” (previously published as “Sarbanes-Oxley Section 404: A Guide for Management by Internal Control Practitioners”), which has been described as “the best Sarbanes-Oxley 404 guide out there for management”. Norman is a member of the review boards of several audit and risk management publications (including the magazines of ISACA and the IIA), a frequent speaker internationally, the author of several award-winning articles, and a prolific blogger about better run business (consistently rating as one of the top global influencers in social media on the topics of GRC, internal audit, risk management, and governance).
Norman was profiled in publications of the AICPA and the IIA as an innovative and successful internal auditing leader. He has also been honored as a Fellow of the Open Compliance and Ethics Group for his GRC thought leadership, and as an Honorary Fellow of the Institute of Risk Management for his contributions to risk management.
Norman can be found at: • Marks on Governance • Norman Marks on Governance, Risk Management, and Internal Audit • on Twitter @normanmarks
Please Note
If you are looking to submit press releases or other forms of news for consideration, the best approach is to email [email protected]. That is an actively monitored distribution list.
Norman's Recent Tweets
Norman's Recent Articles
- 10 Years of Progress in the GRC World Jan 21, 2020
- Did Risk Management Fail? Nov 22, 2019
- Do Risk Appetite Statements Add Value? Oct 29, 2019
- The Core Principles of Effective Internal Auditing Oct 11, 2019
- Are Your Business Decisions Failing Because They Are Biased? Sep 13, 2019
- How to Assess the Effectiveness of Risk Management Aug 6, 2019
- CEOs Aren't Idiots When it Comes to Risk Management Jul 23, 2019
- If Risk Management Is the Answer, What Is the Question? Jul 15, 2019
- Time (Again) for the IIA Standards to Be Corrected Jun 27, 2019
- The Cost of a Cyber Breach Jun 6, 2019
- A Board That Would Fail Any Test of Its Governance Practices May 3, 2019
- The Positive Side of Risk Apr 26, 2019
- The Problem With Software for GRC Apr 16, 2019
- Are We Taking Risk, Making a Decision or Gambling? Apr 4, 2019
- Transforming Risk Management in 2019 and Beyond Feb 14, 2019
- People Still Don't Know How to Assess Cyber Risk Jan 25, 2019
- Stop Managing and Start Taking Risks Jan 15, 2019
- Who Is Taking the Cyber Risk? Dec 14, 2018
- A Basic Principle Most People Don't Understand About Risk Dec 3, 2018
- Uniting Risk Management With Strategic Planning Oct 18, 2018
- Emerging Risks: Who Is Watching? Sep 13, 2018
- Is There an ROI for Investing in Information Security? Jul 18, 2018
- Do You Understand What a Risk Event Is? Jul 5, 2018
- Is It Really All About Culture? Jun 15, 2018
- What Are the Core Competencies of an Effective Risk Officer? Jun 7, 2018
- My Cybersecurity Confession Jun 1, 2018
- Effective Risk Management Starts With Better Decision-Making Apr 20, 2018
- One Objective, Multiple Risks: What Do You Do? Mar 9, 2018
- Introducing Game Theory to Risk Management Jan 19, 2018
- Identifying, Assessing and Evaluating Risk Is the Easy Part Jan 5, 2018