businessman holding wall clock

Managing the Effects of Short-Termism on Risk Management

Posted by - September 28, 2018
6 Recommendations to Maintain Effective Risk Oversight As the financial crisis thoroughly demonstrated, an acute focus on short-term gains can be disastrous when risk proper oversight isn’t there. Protiviti’s Jim DeLoach provides six key considerations your organization can bear in mind in moving beyond myopic “short-termism” to a more broadly…
meter with indicator pointing to “critical”

Communicating Critical Enterprise Risks to the Board

Posted by - April 10, 2018
8 Principles to Guide the Risk Assessment Process Organizations don’t need to involve the board in every risk by any means, but critical enterprise risks are a special breed. Protiviti’s Jim DeLoach provides the formula for an appropriately designed risk assessment process – the first step to identifying and ultimately…
Business meeting at table

Board Evaluations: 5 Ways They’re Missing the Mark

Posted by - October 23, 2017
The past few years have seen the largest security breaches in history. As risk and compliance professionals scramble to predict and prevent future breaches, one aspect that could strongly impact the outcome is how the company's board of directors are impacting security.
woman looking through binoculars

5 Ways to Elevate the Board’s Oversight of Compliance

Posted by - September 29, 2017
Expanding the View to Include Culture Does your organization view compliance as a “check the box” exercise? Many companies do. Chuck Saia, CEO of Deloitte Risk and Financial Advisory, feels differently and shares five ways a board can start broadening its view – and management’s view – of compliance to…
business leaders shaking hands

Setting the Tone: No Back Seat for the CEO

Posted by - August 24, 2017
How the CEO Can Best Support Compliance Keeping a tight rein on compliance is the name of the game for every business entity, whether early-stage, family-owned or large multinational. And – while it’s the CEO who ultimately sets the tone – the culture of compliance has a strong foundation in…
thumbs down with one-star rating

10 Keys for Executives to Manage Reputation Risk

Posted by - August 3, 2017
When a good reputation is difficult to build and easy as pie to destroy, it’s a business imperative to manage the company’s reputation carefully. Jim DeLoach outlines five critical areas leadership must pay close attention to, and 10 factors total that can be critical in managing reputation risk. With today’s…
concept of crisis with unstable statistics bars

Positioning Independent Risk Management to Succeed

Posted by - July 6, 2017
6 Ways to Support the CRO There is no one-size-fits-all solution for successful risk management, but there are certainly commonalities between successful Chief Risk Officers and independent risk management professionals. Jim DeLoach outlines several strategies organizations can implement to position their risk management function (and by extension, the organization) for…
selected book on bookshelf

10 Principles for Effective Board Risk Oversight

Posted by - June 5, 2017
The National Association of Corporate Directors published an authoritative guide in 2009 on risk governance, and the principles outlined therein are as relevant today as ever. Jim DeLoach provides an analysis of each of the 10 principles, demystifying the process of evaluating board risk oversight.
number 10 on outside of office building

Improving Board Risk Reporting

Posted by - May 1, 2017
Following last year’s Principles for Improving Board Risk Reporting comes an updated list. This expanded set of principles comes from Protiviti’s Jim DeLoach and Rick Steinberg, CEO of Steinberg Governance Advisors. While the original six principles focused primarily on what corporate boards should be looking for, the additional four address…
Data governance a challenge in the wake of Safe Harbor

Privacy Shield in Limbo

Posted by - June 29, 2016
With Safe Harbor gone and U.S.-EU Privacy Shield in limbo, what can companies do to continue sharing data with European partners and not run afoul of privacy regulators? First, make sure you’ve huddled with your legal team, then establish a data transfer program that sets—and documents—high standards based on best…