Articles
Tag: it grc
-
Securing Sensitive Information in the Cloud Comes Down to Access Management
When it comes to data security, most organizations worry about external actors, when what they really should worry about is the threat from within.
Continue reading...
-
Should We Audit at the Speed of Risk?
The annual audit plan is typically out-of-date even before it is approved by the audit committee.
Continue reading...
-
Why Taking on More Strategic Risk Can Be Fuel for Growth
Risk doesn't have to be scary or negative. Instead you should view it as fuel for growth.
Continue reading...
-
How Do You Make Decisions?
How can we, the "risk" managers, help leaders make informed and intelligent decisions that consider all the things that might happen?
Continue reading...
-
Stop Phishing With Employee Training
Phishing attempts are up as people are forced to work from home, so training your staff on how to spot phishing attacks is crucial.
Continue reading...
-
How Will Risk Management Change as We Emerge From This Crisis?
Even before the crisis, few in executive management believed their risk management programs were helping them run the organization for success.
Continue reading...
-
Risk Practitioners Should Be Asking 'How Can We Help?'
We may have a business card that says we are internal auditors. But we are part of the management team and our first duty is to help the organization succeed.
Continue reading...
-
Should You Boast About Internal Audit Value?
Value is what people would be willing to pay for, not what you say it is. The same applies to internal audit.
Continue reading...
-
Risk, Consequences and the Domino Effect
Risk management is not about managing the possibility of harmful events or situations. It’s about managing the likelihood and extent of success.
Continue reading...
-
Which Comes First, Risk or Control?
Can you assess risk management without considering related internal controls? I don’t think so.
Continue reading...
-
Why Does Internal Audit Need to Be Agile?
We need to be not only agile in our audit planning, but also provide the assurance and insight that is needed at speed.
Continue reading...
-
10 Years of Progress in the GRC World
Thankfully, most practitioners have moved on to focus on those elements of GRC that are meaningful to them rather than trying to implement software for “GRC.”
Continue reading...
-
How to Advance Your Enterprise Risk Management Maturity
To improve enterprise risk management maturity, you need to define your risk appetite, ensure the right people are taking responsibility, and measure progress.
Continue reading...
-
Did Risk Management Fail?
Risk management is not like looking into a crystal ball and predicting the future with certainty.
Continue reading...
