Business meeting at table

Board Evaluations: 5 Ways They’re Missing the Mark

Posted by - October 23, 2017
The past few years have seen the largest security breaches in history. As risk and compliance professionals scramble to predict and prevent future breaches, one aspect that could strongly impact the outcome is how the company's board of directors are impacting security.
woman looking through binoculars

5 Ways to Elevate the Board’s Oversight of Compliance

Posted by - September 29, 2017
Expanding the View to Include Culture Does your organization view compliance as a “check the box” exercise? Many companies do. Chuck Saia, CEO of Deloitte Risk and Financial Advisory, feels differently and shares five ways a board can start broadening its view – and management’s view – of compliance to…
business leaders shaking hands

Setting the Tone: No Back Seat for the CEO

Posted by - August 24, 2017
How the CEO Can Best Support Compliance Keeping a tight rein on compliance is the name of the game for every business entity, whether early-stage, family-owned or large multinational. And – while it’s the CEO who ultimately sets the tone – the culture of compliance has a strong foundation in…
thumbs down with one-star rating

10 Keys for Executives to Manage Reputation Risk

Posted by - August 3, 2017
When a good reputation is difficult to build and easy as pie to destroy, it’s a business imperative to manage the company’s reputation carefully. Jim DeLoach outlines five critical areas leadership must pay close attention to, and 10 factors total that can be critical in managing reputation risk. With today’s…
concept of crisis with unstable statistics bars

Positioning Independent Risk Management to Succeed

Posted by - July 6, 2017
6 Ways to Support the CRO There is no one-size-fits-all solution for successful risk management, but there are certainly commonalities between successful Chief Risk Officers and independent risk management professionals. Jim DeLoach outlines several strategies organizations can implement to position their risk management function (and by extension, the organization) for…
selected book on bookshelf

10 Principles for Effective Board Risk Oversight

Posted by - June 5, 2017
The National Association of Corporate Directors published an authoritative guide in 2009 on risk governance, and the principles outlined therein are as relevant today as ever. Jim DeLoach provides an analysis of each of the 10 principles, demystifying the process of evaluating board risk oversight.
number 10 on outside of office building

Improving Board Risk Reporting

Posted by - May 1, 2017
Following last year’s Principles for Improving Board Risk Reporting comes an updated list. This expanded set of principles comes from Protiviti’s Jim DeLoach and Rick Steinberg, CEO of Steinberg Governance Advisors. While the original six principles focused primarily on what corporate boards should be looking for, the additional four address…
Data governance a challenge in the wake of Safe Harbor

Privacy Shield in Limbo

Posted by - June 29, 2016
With Safe Harbor gone and U.S.-EU Privacy Shield in limbo, what can companies do to continue sharing data with European partners and not run afoul of privacy regulators? First, make sure you’ve huddled with your legal team, then establish a data transfer program that sets—and documents—high standards based on best…
cloud computing diminishes some risk, but be sure your data is fully secure

Cloud Computing & Cyber Liability Risk Management

Posted by - February 18, 2016
Cloud computing has completely revolutionized the way businesses handle data, and this trend will only continue as more organizations transition to the cloud. However, it is imperative to develop the essential awareness and master the fundamental security capabilities required to safely and securely use cloud-computing solutions.

Data Privacy in the Post Safe Harbor Era

Posted by - February 9, 2016
Safe Harbor is gone, but there’s a new trans-Atlantic data transfer agreement in place—EU-U.S. Privacy Shield. As corporations begin to learn and understand its provisions, one thing is certain: the value and sanctity of sensitive, personal data is central to the pact, and compliance will hinge on treating it accordingly.

Noncompliance with New EU Data Privacy Rules can be Costly

Posted by - November 5, 2015
Europe’s high court has struck down the longstanding Safe Harbor Framework, alleging that the U.S. government’s actions in accessing data via Facebook and transferred through email invalidated the agreement. Attorneys Thomas Monson and Kyle Petersen, with Salt Lake City-based Kirton McConkie, explain the consequences of noncompliance with the new EU…