Risk

Effective leaders understand that boards are comprised of people with different skills and areas of expertise – often without the acumen to understand the details of security and risk the way a security or risk professional does. Lockpath’s Sam Abadir offers guidance on bridging that gap. Communicating risk posture and assessments to the highest levels of an organization is a...

Third-Party Risk Factors Require More Board Level Attention on IoT Security Santa Fe, NM (May 7, 2019) – The Santa Fe Group, authorities in risk management and the managing agent of the Shared Assessments Program today released the results of the Third Annual Ponemon Institute’s study on Third-Party Risk for the Internet of Things (IoT). Ponemon reports a dramatic increase in IoT-related...

ISF’s Steve Durbin details findings from the firm’s recent Threat Horizon 2021 report, highlighting the top three threats to information security emerging in the next two years.

A Gartner survey of more than 100 organizational risk leaders shows that ERM is maturing as a function. As Gartner’s Matt Shinkman explains, the ERM function still has a long way to go to complete its integration into key business activities, however.

Compliance professionals still “own” too many risks that business units could manage more effectively. Gartner’s Brian Lee discusses one solution: moving ownership of compliance risks closer to their sources. It’s a time of enormous change for organizations of every type. Gartner’s 2018 survey of CEOs shows that CEOs, who have been focused on growth for years, are now prioritizing firm...

The digital revolution is transforming our world. Protiviti’s Jim DeLoach shares how, over the next few years, many organizations will need to undertake radical change programs and – in some cases – completely reinvent themselves to remain relevant and competitive. Is disruptive innovation sufficiently emphasized on the board agenda and in the C-suite? Ask executives and directors what their company’s...

Risk management pioneer and corporate governance expert Anette Mikes shares her thoughts on the U.K.’s separation from the European Union. Whatever scenario comes to pass, the risks are great. Anette outlines five lessons to be learned from the ongoing Brexit predicament. In their 2018 polemic, “Saving Britain,” senior Labour politician Andrew Adonis and the political scientist Will Hutton pondered Britain’s...

Riskonnect’s Dawn Ward compares the traditional GRC view versus the integrated risk management (IRM) view of risks as they relate to internal audit and information systems teams. As Gartner continues to shift its focus from governance, risk and compliance (GRC) toward a focus on integrated risk management (IRM), many corporate functions are recognizing the operational significance. The shift doesn’t negate...

The stakes are getting higher for CROs and compliance officers. Brenda Boultwood of MetricStream details why it’s increasingly imperative that risk and compliance professionals work hand in hand to address ongoing risks and strengthen organizational GRC efforts. While risk and compliance functions have run on parallel tracks for years, 2019 is likely to witness a new level of synergy between...

Evan Francen, CEO of FRSecure and Security Studio, makes the case for adopting a third-party information security risk management (TPISRM) program. He outlines how to get started and explains why the common excuses for ignoring the risks don’t hold water. Third-party information security risk management (TPISRM*) is more critical today than it’s ever been. There is little doubt amongst information...

ERP Maestro's CEO Jody Paterson discusses cybersecurity risk disclosure and compliance and how executives are being held more personally accountable for nondisclosure as outlined by the SEC. Companies face a multitude of risks and threats. Reporting them to stakeholders and investors is a requirement, and serious consequences may ensue for a failure to do so – for the company and,...

The latest global survey of C-level executives and directors of the macroeconomic, strategic and operational risks that organizations face indicates an increasingly risky year ahead. Protiviti’s Jim DeLoach discusses the risks keeping executives up at night. Overall, 825 C-level executives and directors participated in this year’s global study, with 45 percent representing companies based in North America. As with our...