Articles
A recent thought paper on risk appetite by COSO prompts guest writer Norman Marks to explore the place risk appetite and its management have in the day-to-day strategic plans of organizations. My congratulations go to Professor Larry Rittenberg and Frank Martens of PwC on the Thought Leadership Paper "Understanding and Communicating Risk Appetite,"
The ASX Corporate Governance Council, chaired by the Australian Securities Exchange (ASX), has released a second edition of Corporate Governance Principles and Recommendations (see here for the ASX announcement and related resources, or here if you want to go directly to the document).
The UK’s Financial Services Authority (FSA) has published its report on the causes of the failure of the Royal Bank of Scotland (RBS). RBS was a massive bank and its failure was significant to the UK and global economy.
The year 2011 saw an explosion of mobile use in work settings. With the coming year promising even greater integration of mobile devices in the enterprise, it is time for companies to sit down and think about their mobile device strategy.
The latest report from PwC, conducted with CIO and CSO Magazines, points to some interesting trends in international information security. The global study drew its respondents from 138 countries, indicating the common threats, improvements and concerns facing industries worldwide. Interesting Facts and Observations Highlights from the PwC report: 70 percent of executives across industries and markets worldwide are confident in the effectiveness of their organization’s information security practices. They
Today, I want to share a treasure trove of information and perspectives on mobile security from SC Magazine. They released a “Spotlight” edition on the topic of mobile security. You can download a copy here. Interesting Facts and Observations The Spotlight includes several articles that you
The only way risk management has value is if it affects the way you do business. It must influence decisions and actions; otherwise, it is no more than decoration. Risk management should not be a “check-the-box” activity. Used well, it can help an organization achieve and sustain optimal long-term performance.
Despite the apparent sampling bias in this Accenture study, the study’s shocking results -- some of which I highlight in this article -- still reveal interesting and important insights into how risk management philosophy and practices may have shifted and progressed since Accenture’s last study in 2009.
Who knew that GRC could be explained using three brilliant, but competing, musicians…and Jimmy Carter? I included a metaphor to explain my thinking on the relationship between governance and risk management in comments on this post. People seem to have enjoyed that, so I thought I would use a
An article that caught my eye last week was a piece by Ron Ashkenas in the Huffington Post Business section: Every Manager is a Risk Manager. Now, Ron does not have a background as a practicing risk officer, so his knowledge and understanding of risk management is not perfect;
Just what is risk appetite and how does it differ from risk tolerance? Risk Appetite vs Risk Tolerance How can we have a productive conversation about risk management unless we use the same language? One of the terms that serves as much to confuse as to clarify is “risk appetite.
The other day, I was working on an article about assessing risk management and looked to the COSO ERM Framework for quotes. Specifically, I looked at the Executive Summary for language concerning the need for decisions to be based on timely, current and reliable information about risks. I found
In a report (Risk Management Survivors Offer Cautionary Tales) by a professor who attended the World Economic Forum in Davos, there is some excellent information on a variety of risk and governance issues. What caught my eye was the section under the heading -- “Redesigning the Board.
I ask this question after reading Ernst & Young’s 2010 Global Information Security Survey. The survey has some interesting comments on the top IT security risks from new information technology -- including the obvious ones around data leakage, mobile devices, cloud computing and social media.