Risk

12 Steps to Reveal and Reduce Cyber-Breach Risk One hundred percent of businesses are or will be victims of a cybersecurity breach, disruption or attack — either directly or indirectly. No one is immune. That’s why this article is not just for the Fortune 500 CISO or the fortunate few with arms-race-level cybersecurity expertise. It’s for everyone else, too. Charles...

Maturing Risk Management in Light of COSO Updates Recent updates to the COSO framework serve to clarify the significance of the connection between risk, strategy and performance. Protiviti’s Jim DeLoach discusses how organizations can get the most out of their ERM programs and three keys to advancing ERM. In 2017, the Committee of Sponsoring Organizations (COSO) of the Treadway Commission...

Challenges with Insights in Excel Artificial intelligence can be a very good thing, but organizations must not jump in blindly. Incisive CEO Diane Robinette discusses potential risks associated with the new artificial intelligence capabilities in Excel. Artificial Intelligence (AI) is a hot topic. It's the shiny new thing that people can't seem to get enough of. While still in its...

Why Business Continuity Must Be Part of Your Strategy Carrying insurance, having a plan, limiting liability… these are all important steps to minimize risk associated with a disruptive event. But without a dynamic business continuity management program, brand equity could suffer significantly. David Nolan, CEO and founder of Fusion Risk Management, rebuts seven common misconceptions about business continuity. Imagine a...

Implementing Protections Against Cyberattacks Many recent cyberattacks have come through exposures in third-party systems. There is an evident need to monitor the cybersecurity of third parties, and this puts the spotlight on cyber supply chain risk management (C-SCRM). Experts from Kroll outline what companies can do to protect their systems and sensitive company information. with co-authors Brian Lapidus and Keith Wojcieszek ...

6 Recommendations to Maintain Effective Risk Oversight As the financial crisis thoroughly demonstrated, an acute focus on short-term gains can be disastrous when risk proper oversight isn’t there. Protiviti’s Jim DeLoach provides six key considerations your organization can bear in mind in moving beyond myopic "short-termism" to a more broadly encompassing risk management strategy that includes longer-term interests. While short-termism...

Thoughts on Increasing Cyber Resiliency Companies’ adoption of new technologies is outpacing their ability to protect against evolving cybersecurity threats. It used to be said that it’s not a question of IF an organization will be breached, but WHEN. Jim DeLoach suggests that companies either know they’ve been breached or they’ve been breached and don’t know it. How then, do...

The Key to Increasing Decision-Making Influence In this complex risk environment where senior executives are expected to make fast decisions, they need the most actionable information in a timely manner. However, most leadership teams feel the risk information they receive isn’t actionable from a business strategy or operations perspective. In this article, Gartner’s Matt Shinkman and Chris Matlock detail how...

The Necessity of Proactive Management Experts at applied behavioral science technology company Starling offer insights into the failures of current approaches to managing conduct risk and explore an alternative – more proactive – solution. This would mark a paradigm shift in management science – one in which culture is viewed as an emergent property of group dynamics. with co-authors Stephen...

A Forward-Looking Response to a Chaotic World The actuarial model of risk compliance employed by most large global enterprises – calculating the odds of future events based on past occurrences – has become outdated and ineffective, as the internet and global interdependencies have created an asymmetric, chaotic world in which small inputs (a tweet, a Facebook post, a changing regulation...

Key Insights and Trends from the MetricStream GRC Summit 2018 MetricStream’s 2018 Summit in Baltimore saw several hundred business executives, government leaders, GRC practitioners and industry analysts gather to talk GDPR, strategies and solutions for building better governed, more compliant organizations and more. Gaurav Kapoor, MetricStream's Chief Operating Officer, shines a spotlight on some of the event’s key takeaways. From...

Driving Change to Improve Resilience and Agility Enterprise risk management (ERM) is a framework organizations use to manage risks and seize opportunities related to the achievement of their objectives. More and more frequently, upper-level management refuses to acknowledge ERM properly, which leads to missed opportunity and lost revenues. Read more to find out what world-renowned entrepreneur Peadar Duffy has to say...