Articles
Tag: norman marks (page 7)
-
Mobile Risks and Opportunities: Is Your Company's Strategy Optimized?
The year 2011 saw an explosion of mobile use in work settings. With the coming year promising even greater integration of mobile devices in the enterprise, it is time for companies to sit down and think about their mobile device strategy.
Continue reading...
-
Information Security Study Shows Increased Risk, Insufficient Spending
The latest report from PwC, conducted with CIO and CSO Magazines, points to some interesting trends in international information security. The global study drew its respondents from 138 countries, indicating the common threats, improvements and concerns facing industries worldwide. Interesting Facts and Observations Highlights from the PwC report: 70 percent of executives across industries and markets worldwide are confident in the effectiveness of their organization’s information security practices. They
Continue reading...
-
Shining the Spotlight on Mobile Risks and Opportunities
Today, I want to share a treasure trove of information and perspectives on mobile security from SC Magazine. They released an edition of their “Spotlight” edition on the topic of mobile security. You can download a copy here. Interesting Facts and Observations The Spotlight includes several articles that you
Continue reading...
-
GRC: Risk is Not a Quarterly Exercise, It Should Be a Way of Life
The only way risk management has value is if it affects the way you do business. It must influence decisions and actions; otherwise, it is no more than decoration. Risk management should not be a “check-the-box” activity. Used well, it can help an organization achieve and sustain optimal long-term performance.
Continue reading...
-
Accenture 2011 Global Risk Management Study: Important, Startling, but Deceiving Results
Despite the apparent sampling bias in this Accenture study, the study’s shocking results -- some of which I highlight in this article -- still reveal interesting and important insights into how risk management philosophy and practices may have shifted and progressed since Accenture’s last study in 2009.
Continue reading...
-
From Disharmony to Harmony: A Musical Metaphor that Explains GRC
Who knew that GRC could be explained using three brilliant, but competing, musicians…and Jimmy Carter? I included a metaphor to explain my thinking on the relationship between governance and risk management in comments on this post. People seem to have enjoyed that, so I thought I would use a
Continue reading...
-
Enabling Risk Management Across the Organization
An article that caught my eye last week was a piece by Ron Ashkenas in the Huffington Post Business section: Every Manager is a Risk Manager. Now, Ron does not have a background as a practicing risk officer, so his knowledge and understanding of risk management is not perfect;
Continue reading...
-
Do You Know the Difference Between Risk Tolerance and Risk Appetite?
Just what is risk appetite and how does it differ from risk tolerance? Risk Appetite vs Risk Tolerance How can we have a productive conversation about risk management unless we use the same language? One of the terms that serves as much to confuse as to clarify is “risk appetite.
Continue reading...
-
Making Mistakes and Poor Decisions Because of Old Risk Information
The other day, I was working on an article about assessing risk management and looked to the COSO ERM Framework for quotes. Specifically, I looked at the Executive Summary for language concerning the need for decisions to be based on timely, current and reliable information about risks. I found
Continue reading...
-
A Fascinating Discussion of Governance and Risk Issues
In a report (Risk Management Survivors Offer Cautionary Tales ) by a professor who attended the World Economic Forum in Davos there is some excellent information on a variety of risk and governance issues. What caught my eye was the section under the heading -- “Redesigning the Board.
Continue reading...
-
Are We More Concerned With Addressing Obvious IT Risks Than Having Effective IT Risk Management?
I ask this question after reading Ernst & Young’s 2010 Global Information Security Survey. The survey has some interesting comments on the top IT security risks from new information technology -- including the obvious ones around data leakage, mobile devices, cloud computing and social media.
Continue reading...
-
Norman Marks: Reflections on GRC in 2010
This year has been one of both progress and frustration when it comes to GRC. While there is a lot to cheer about, and hope for 2011, irritants and obstacles continue. • As I have written before, I support the Open Compliance and Ethics Group (www.oceg.org ) and
Continue reading...
-
The Value of Social Media for GRC Professionals
If you think a GRC professional can't benefit from social media, think again. Social Media and the GRC Professional What I want to cover in this piece is how in general individuals involved in managing GRC processes (such as risk officers, compliance professionals, internal auditors, corporate counsel, etc.
Continue reading...
-
Why is GRC an Important Topic?
In May, I wrote about the fact that there is no commonly accepted definition of GRC. While it is understood that the acronym stands for Governance, Risk Management and Compliance, each consultant and vendor -- to the consternation of practitioners -- seems to use a different definition to explain
Continue reading...
Displaying 85-98 of 100
- ‹ Prev Page
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- Next Page ›