Compliance professionals still “own” too many risks that business units could manage more effectively. Gartner’s Brian Lee discusses one solution: moving ownership of compliance risks closer to their sources. It’s a time of enormous change for organizations of every type. Gartner’s 2018 survey of CEOs shows that CEOs, who have been focused on growth for years, are now prioritizing firm plans to...

A Holistic Approach to Addressing Harassment As cultural movements continue to raise awareness about misconduct, compliance and ethics programs are putting more power behind training their employees on how to identify and report harassment in the workplace. Despite this increased emphasis, less than half of employees who observed harassment reported it last year, sending a signal that there’s more organizations must do...

With the GDPR implementation deadline quickly approaching, many organizations are extremely focused on meeting specific regulatory requirements. However, GDPR is just the starting line. Here Brian Lee and Stephanie Quaranta highlight how compliance and privacy executives can plan past simply conforming with the requirements, and use GDPR as a long-term strategic opportunity to build sustainable policies and procedures.

Privacy officers spend so much of their time putting out fires and focusing on operational activities, that they don’t have time to see the trends (and accompanying risks) that are around the corner. Brian Lee and Stephanie Quaranta outline three major risk themes and ten emerging risks that privacy and compliance officers should be aware of heading into 2018.

3 Ways to Affect a Different Kind of Climate Change In light of the corporate compliance failures that have entered the news cycle, compliance programs have increasingly focused on the role culture plays in causing these failures. However, while most compliance executives understand the link between culture and employee misconduct, they are not sure how to act on it. In this article,...

Risk Profiles for Key Employee Groups It’s becoming an all-too-familiar scenario: a hacker steals an organization’s customer and employee data, creating substantial remediation costs, slowing down the business and generating negative publicity. That said, there is a far more common cause of concern — employee risk. Nearly 60 percent of privacy failures result from an organization's own employees. Brian Lee and Matt...

Sweeping new privacy regulations require companies to incorporate protections for personal data into the design of their products and processes — but the law is vague on implementation. Learn how leading assurance professionals and companies are putting these new requirements into practice.