fallen king in chess

Risk: A Game of Thrones

HBO’s Game of Thrones is a pretty accurate portrait of the corrupting nature of power. The higher up the corporate ladder one gets, the greater the danger of “agency risk,” or the propensity to pursue what’s best for number one, and not so much for the stakeholders or the organization as a whole. What can businesses do ...

execs in boardroom

Positioning the CRO to Succeed

If the CRO or risk leader is to be effective and successful in the organization, he must be given full access to the Board, participate in high-level discussions and strategy setting and seen as an equal to the other C-Suite leaders or executives. The company and its leadership must appear to value the risk management function and enable ...

target on chest

Protecting Yourself Against Data Breach: Don’t Be a Target

The data breach at Target last November has been widely publicized and widely criticized. The corporation was aware of intrusions in its software, but failed to respond. And the results for the company – one of the nation’s largest retailers – have been disastrous, as evidenced by the tens of millions of dollars the company has already ...


Fight SOX Complacency To Reduce Your Risk of Restatement

SOX compliance is now a routine process for most companies. How can we then explain the rapidly growing number of restatements and recognition complaints when companies certify they are in compliance? Author Mark Alexander asks compelling questions. Can your organization provide good answers?


The State of Harassment & Discrimination in the Workplace

Harassment and discrimination issues can lead to millions of dollars in losses for an organization. In fact, the Equal Employment Opportunity Commissions (EEOC) obtained the highest amount of monetary recoveries in agency history in 2013, despite the overall number of harassment and discrimination charges decreasing from 2012.


Five Risk Categories for Focusing the Board’s Risk Oversight

Many companies have adopted a risk language to facilitate dialogue within the organization regarding their risks. While we are not aware of an authoritative risk language or model, there are a number of risk models in the public domain that can be useful to ensure the completeness of the event categorization and risk assessment processes.