Articles
Tag: norman marks (page 4)
-
Let's Talk About Organizational Culture
Organizational culture has been blamed for many recent disasters. These include BP Deep Water Horizon — referred to as both a “culture of greed” as well as a culture that had defects relating to safety, GM — called a "culture where you get fired if you do talk about quality and safety issues, and you get fired if you don’t talk about them”, Toyo Tire — “Toyo Tire’s problems stem from its corporate culture ” and
Continue reading...
-
Is Information Security Asleep at the Wheel?
If people think they have effective cyber security, they are almost certainly mistaken. Sobering Numbers Let’s look at the results of Protiviti’s 2015 IT Security and Privacy Program. The summary offers four “key findings,” but I found other content far more important.
Continue reading...
-
Do Board Members Understand Internal Audit?
Do top executives and board members understand the role of internal audit and the capabilities it offers? This question was prompted by a post that a valued member of my network, Alfred Rodas, brought to my attention, "Internal Audit and it's enhanced role in the future "(sic).
Continue reading...
-
Risk Decisions in a Time of Uncertainty
Are you ready for the new technology that will change our world, again? It’s not that long since we were dismissing the Internet of Things as something very much "next generation." But, as you will see from Deloitte’s collection of articles, many organizations are already starting to deploy related
Continue reading...
-
The Greatest Cyber Risk Of All
Cyber risk continues to be a concern for many, as witnessed in recent coverage. And it looks as if hackers are getting smarter, while businesses remain in denial. No Boundaries The Deloitte post, "Cyber risk, issues and opportunities for private companies " is important because it asserts — correctly
Continue reading...
-
Reviewing the State of GRC
If there is any value to the concept of Governance, Risk management and Compliance, it must lie in more than the generic meanings of its constituent parts. A good place to start is the treatment of the term by the Open Compliance & Ethics Group (OCEG ).
Continue reading...
-
5 Steps to a Better Board
The latest edition of McKinsey Quarterly is titled “Changing the nature of board engagement.” In this short piece, the authors, Bill Huyett and Rodney Zemmel, write that, in the face of growing business complexity and ever more rigorous regulation: McKinsey research suggests that the most effective directors are meeting
Continue reading...
-
The Continued Failure of Risk Management Practices
Risk management is not about avoiding failure -- it is about achieving success. The ERM Initiative at North Carolina State University, led by Mark Beasley, has published its sixth report on the state of risk management. I saw the first report in 2010 and frankly, not much has changed.
Continue reading...
-
Embrace and Embody Risk Management
If a CEO wants his organization to realize the opportunity presented by risk management to deliver better decisions and, through them, improved performance, he needs to do more than “walk the talk.” I have come up with the phrase “embrace and embody” risk management. (Feel free to borrow it.
Continue reading...
-
The State of Information and Cyber Security
Similarly, an organization needs to be able to detect attacks, especially attacks using a new method, if it is to respond, limit the damage and harden its defenses. Few organizations can do all of this with only internal resources.
Continue reading...
-
When Your Organization's Reputation is at Risk
An organization’s reputation is critical to their success (in almost every case). A smart CEO and her board pay attention to the organization’s reputation and take care to nurture, protect and grow it. A new survey by Deloitte reinforces that obvious truth and states one other truth that should be
Continue reading...
-
Why Risk Management Technology Projects Fail
Too many organizations buy risk management solutions for today, without thinking of their needs for the future.
Continue reading...
-
My Tolerance for Risk Appetite Is Fading
Making people believe they have effective risk management because they discuss a point-in-time list of so-called “top risks” and set limits for those few risks is making them believe in fairies. It is setting them up to be surprised and for a failure to deliver success.
Continue reading...
-
Do You Know When Your System Is Breached?
Information security professionals are always chasing to catch up with the bad guys. Traditional information security (or cybersecurity) is focused on preventing unauthorized access to your network, systems, applications, infrastructure and data.
Continue reading...
Displaying 43-56 of 98
- ‹ Prev Page
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- Next Page ›