Risk

Rather than segregating risk management responsibilities into their own silo, making them the purview of only a select few, companies would benefit greatly from an integrated approach in which every person in the organization is responsible to some extent in managing risk. Jim DeLoach presents a method involving five distinct lines of defense. Read on for details.

Risk management cannot possibly go well when the parties involved aren't speaking the same (risk) language. Minimize misunderstandings by making sure that everyone involved is operating from the same framework when it comes to uncertainty in environment, process and information for decision making. Jim DeLoach breaks down for us exactly what that means.

Companies doing business internationally face a great deal of risks and challenges. This article explores the necessity of accounting for employees' health and safety while they travel abroad. Having international insurance coverage may not be enough. Here, Mike Kelly addresses ways to reduce travel risk and ensure your staff are protected both stateside and overseas.

There are a myriad of risks to take into account when doing business abroad. Multinationals necessarily face a broader range of risks than smaller organizations do, therefore their risk management practices must be more robust. They must continually assess political landscapes, trends in similar countries and exposure to confiscation, among other concerns.

In manufacturing, design issues are expected to some degree, but when it's medical devices being produced as opposed to televisions, for instance, the stakes are much higher when something goes wrong. Naturally, the FDA keeps a close eye on medical device manufacturers, but these organizations can beat them to the punch with a strong CAPA system in place.

Data encryption seems to be top of mind for many corporations, and with good reason: high-profile data breaches prove to do significant damage in the way of reputational harm. Perhaps the answer isn't in better encryption, though, but instead better internal controls to keep users from being compromised and to strengthen reporting mechanisms.

Rogue traders may be uncommon, but the risks they pose are serious. Jim DeLoach writes on the importance of tone at the top (as well as tone in the middle), prescribes potential solutions, and proposes several questions for Boards and senior executives to consider when seeking to reduce the risks of rogue trading.

Just as risks are ever changing, so should our plans for managing them be. Internal audit must do away with tired approaches to risk management and adopt more dynamic practices in order to keep up with industry changes. Otherwise, the audit department may find themselves continually playing catch up when it comes to handling the various challenges that crop up.

The deadline for implementation of the 2013 COSO Framework is just around the corner. Tim O'Hara offers us a look into what's remained the same from the 1992 framework and what's changed. Auditors will be taking a closer look at operations where the 2013 iteration parts ways from the 1992 version. Where does your organization stand? Is your company ready?

There have been more than a few lessons to learn from this year's World Cup. For the risk management professional, consider this: if your risk scoring system is as complex as FIFA's process for determining world rankings, you might be in trouble. More complicated systems don't necessarily garner more accurate results. In fact, often the opposite is true.

Solid compliance programs are built on solid risk assessments, so the importance of a thorough risk assessment can't be underestimated. Jeff Kaplan has provided us with a wealth of information over the years in this vein, and today he's covering some of the questions he hears the most from compliance and ethics practitioners. Check in for some expert guidance.

It's been made clear that violations of the FCPA can do an organization significant reputational harm and result in some very steep fines. To minimize the damage an employee or agent does to your company when engaging in corrupt behavior, you must have excellent controls in place. Even if the infraction is egregious, the fallout can be minimal.