Articles

Tag: it grc (page 3)

The Core Principles of Effective Internal Auditing

Norman Marks | Oct 11, 2019

The Institute of Internal Auditors' new practice guide for internal auditing shares some good insights, but falls short in a few areas.

Continue reading...
How to Get Started Managing Risk in the Cloud

Hunter Willis | Sep 20, 2019

While it's impossible to completely eliminate risk, here are four actionable solutions for mitigating your organizational risk in the cloud.

Continue reading...
Facebook's Multibillion Dollar Data Violation Fine Is a Wake-Up Call for Every Enterprise

Dana Simberkoff | Sep 19, 2019

Data is only becoming more valuable - and more difficult to protect - with every passing day.

Continue reading...
What Risk Managers Need to Communicate to the Board

Matt Kunkel | Sep 18, 2019

For leaders to balance risk management with company performance, they must keep open lines of communication with risk managers.

Continue reading...
How to Assess the Effectiveness of Risk Management

Norman Marks | Aug 6, 2019

Few organizations are seen as having effective risk management, so there is no exemplar against which to measure success.

Continue reading...
CEOs Aren't Idiots When it Comes to Risk Management

Norman Marks | Jul 23, 2019

Management needs to take risks to survive and thrive, and that means balancing the potential harms that may occur against the potential rewards.

Continue reading...
Forget About Being Right, Focus on Being Defensible

Joe Shepley | Jul 12, 2019

Shouldn't the defensibility of a process for managing information require designing the process with info mgmt best practices in mind? Short answer: nope.

Continue reading...
Time (Again) for the IIA Standards to Be Corrected

Norman Marks | Jun 27, 2019

IIA standards need to be updated so audit providing assurance on enterprise-level risks, not what matters to middle management alone.

Continue reading...
The Cost of a Cyber Breach

Norman Marks | Jun 6, 2019

Deciding how much to invest in cybersecurity requires considering the likelihood of achieving objectives given all sources of risk, not just cyber.

Continue reading...
7 Strategies to Stop Shadow IT in Its Tracks

Hunter Willis | May 17, 2019

There's a way to put an end to shadow IT that respects people's needs for functionality and access to information.

Continue reading...
Becoming a Data-Driven Enterprise Requires Playing Offense and Defense

Marcus MacNeill | May 10, 2019

While most leaders understand the benefits of fully leveraging data, many struggle with how to turn it into usable insights.

Continue reading...
A Board That Would Fail Any Test of Its Governance Practices

Norman Marks | May 3, 2019

Ten principles for what constitutes effective oversight of risk management by a board.

Continue reading...
The Positive Side of Risk

Norman Marks | Apr 26, 2019

If we can’t agree on what the terms risk and opportunity mean, how can we have a constructive conversation?

Continue reading...
The Problem With Software for GRC

Norman Marks | Apr 16, 2019

Even if it were possible to have one piece of software that included everything in GRC, very few companies claim to have integrated their related technologies.

Continue reading...

Displaying 29-42 of 565