Risk Management News & Articles

If internal audit is to remain relevant, it needs to move beyond the services currently performed to provide assurance to the main stakeholders.

Welcome! Yea, though a scurvy pirate or two has occasioned to dare set foot within our establishment, they were swiftly dealt with and ne’ery a one have been eyed since. Aaargh …’tis no safer place to bury yer treasure. Thar treasure chests are sturdy and their locks sure. We afford ye yer own shovel for buryin’ and the watchmen step lively to thwart the ne’er-do-wells. Would ye care for a copy of our SSAE-16? Did I mention that we’re PCI compliant?

If you live in the Northeast, odds are that you looked out your window a couple of weeks ago and saw snow falling from the sky. Parts of the region were buried under more than three feet of the white stuff, paralyzing the population. The bright side of any blizzard is that the snow, no matter how much, eventually melts away. The same is not the case for email.

This week offered several statistics about the low levels of employee engagement in the workforce. But all hope is not lost -- there are strategies and tools out there that can help turn these numbers around. Read on.

Uncertainty is inherent in any plan. But there are actions that can be taken to increase the likelihood of positive outcomes and to reduce risk.

e-Discovery is normally thought of as a legal process related to the identification, gathering, analysis and transfer of data (e.g., documents and email) for lawsuits and other legal matters but though that is true, e-Discovery is at its core, a risk management issue.

For those trying to obtain managerial buy in for security control, the stages in the process can often parallel the five stages of grief: denial, anger, bargaining, depression, acceptance.

Recently a Dutch agency investigated the vulnerability of Dutch municipality websites and the results are quite shocking. At least, that was my first sentiment when I read the results. Almost one quarter of all local government websites use an outdated Web CMS or other web software tool version.

It's your vendor's job to sell to you. When they fail to do so, they are failing at their job. Though you may have an established rapport with your vendor, their job provides for their own basic needs and those of their family. Each of those priorities is of greater importance than you.

Content management company, Sitecore has with HiSoftware released the HiSoftware Compliance Sheriff App for Sitecore’s App Center. This new application is designed to ensure that web content and applications follow privacy guidelines.

Recent improvements in in-memory and big data analytics technology spell benefits for those working in risk and compliance. 

The desire for the availability of our data is unquenchable. The technological innovation which this need inspires yields continuous development of ever evolving solutions with the express purpose of ensuring our data accessibility independent of time or place.

A recent study by the Open Compliance and Ethics Group (OCEG) points to the high cost for the enterprise a fragmented GRC can have and indicates there is much room for improvement.

Successful organizational risk management is not accomplished in a vacuum. 

Digital Risk, Crisis Management, Cyber Security: three fields that would have meant little to nothing for most businesses as recently as 10 years ago. But in today's digital workplace, they are all but unavoidable.