Articles
Tag: norman marks
-
Emerging Risks: Who Is Watching?
Whose job is it to identify, assess and react to risks? If you responded with anyone other than management, read on.
Continue reading...
-
Do You Understand What a Risk Event Is?
People discuss risk events as if the outcome will always be negative. That's not the case.
Continue reading...
-
Is It Really All About Culture?
When using the word "culture" we should always use a modifier.
Continue reading...
-
What Are the Core Competencies of an Effective Risk Officer?
A friendly argument with a friend revealed a big disagreement over the qualities a risk officer should possess.
Continue reading...
-
My Cybersecurity Confession
Cybersecurity is clearly a priority for many, but let's not kid ourselves how effective our security plans are.
Continue reading...
-
Effective Risk Management Starts With Better Decision-Making
An idea to help drive effective risk management that involves improving the decision-making process.
Continue reading...
-
One Objective, Multiple Risks: What Do You Do?
Any objective will have multiple associated risks. How can you aggregate multiple sources of risk to reach a final assessment?
Continue reading...
-
Identifying, Assessing and Evaluating Risk Is the Easy Part
Identifying and reacting to the initial risk is relatively easy. Taking into account all of the resulting risks this action creates is the hard part.
Continue reading...
-
8 Biggest Risks for Internal Auditors in 2018
Internal auditors put their own roles at risk if they fail to focus on the broader business's success
Continue reading...
-
How Will You Respond to the Cyber Crisis?
It feels like almost every week yet another ransomware attack strikes. The recent Petya attack spanned the globe and eluded detection and prevention by corporate defenses. All indications show o
Continue reading...
-
When 'Acceptable' Risk Is No Longer Acceptable
We are used to identifying a risk, analyzing the potential consequences and their likelihood and then establishing a "risk level." We evaluate whether the level of risk is acceptable or not, bas
Continue reading...
-
A Risk Manager's Most Powerful Tool: The Word 'Why'
As a young boy, my family spent our vacations at a hotel near Rimini, on the Adriatic coast of Italy. The hotel owner had a six year old son, Mario. Mario only spoke a little English, which he had pic
Continue reading...
-
How Do You Change an Organizational Culture?
In the last few years, we have witnessed a number of clear failures of culture in major organizations, including Wells Fargo, GM, Volkswagen and more. Sometimes, the failure leads to a violation of la
Continue reading...
-
Cybersecurity Is More Than a Tech Issue
Do techies really understand cyber risk? The question came up after reading two recent papers published by sources you would expect to have more authority on the matter. Cybersecurity Involves the Who
Continue reading...