Risk

Transformational market trends are driving the convergence of Governance, Risk and Compliance (GRC) and eDiscovery.  Before documents and data become evidence in litigation, they are already accessible within a company’s vast data repository as a risk. Having an early warning risk smoke detector to discover issues before they engulf an organization’s bottom line and reputation is the future of just-in-time...

Information security is not enough. Preparation for cyber attacks is no longer a luxury, and now is the time for organizations to pivot from defense to resilience.

What are the key elements of the risk management process? It's a great question -- and an important one -- since crafting an effective risk management program protects a company's reputation and can even give it a competitive edge in the marketplace. Like any other worthwhile business activity, risk management requires a process with a clear purpose, reliable inputs, well-designed...

U.S. businesses can now hire any number of drone-operating vendors to help them do inspections, filming, testing, spraying and more. This creates tremendous efficiencies and can save lives. However, with respect to compliance and risk-management, hiring third-party drone services creates questions that merit careful consideration. In this column, veteran aviation attorney Mark A. Dombroff discusses some of the risks and...

Risk Management is one of the primary duties of boards, executives, and security and compliance teams. But implementing the practices, processes, and policies that enable and ensure integrated risk management is another matter altogether.

New data privacy and cybersecurity regulations including the NY DFS and the EU GDPR are causing companies to tighten up on their controls and map their security programs to match the requirements in order to avoid punitive corrective actions and steep fines for violations. To be effective, controls and security solutions must account for the human factor.

Given there is no one-size-fits-all solution for risk and a risk management function, how risk is governed varies across industries and organizations. But there are five interrelated principles that underlie effective risk management within organizations in both good times and bad – integrity to the discipline of risk management, constructive board engagement, effective risk positioning, strong risk culture and appropriate...

Today's world is full of cyber risks and attacks and an attack on a financial services firm's systems is no longer a matter of "if", but "when." It is crucial now more than ever that firms have appropriate cyber policies in place especially in the current regulatory climate (NYDFS and GDPR). 

Privacy officers spend so much of their time putting out fires and focusing on operational activities, that they don’t have time to see the trends (and accompanying risks) that are around the corner. Brian Lee and Stephanie Quaranta outline three major risk themes and ten emerging risks that privacy and compliance officers should be aware of heading into 2018.

The shadow IT phenomenon—in which employees use their personal technology on the job—looms larger than ever. The latest twist- bring your own software.

The Reality of the New FinCEN CDD Rule The FinCEN Final Rule on Customer Due Diligence (CDD) is designed to improve global corporate transparency in the wake of recent scandals. This new rule will have a significant impact on the requirements of financial institutions and the way in which they enforce risk-based procedures. In just under seven months’ time, U.S....

The Need for Aligned Assurance Today’s changing risk landscape has put increased pressure on assurance functions to simplify their requirements and to provide the board, senior management and other key stakeholders with a complete risk and assurance picture. To do so requires coordinating on the risk universe, risk terminology and ratings. Malcolm Murray and Rafael Go discuss how, in light...