Governance is defined by the organizational processes used to make and implement decisions. Good governance is not necessarily making only the “correct” decisions. It’s using the best possible risk management process to inform decision-making, which has the potential to impact employees, customers, other…Continue
Added by Steven Minsky on April 25, 2017 at 9:09pm — No Comments
For companies who care about their reputation, risk management is a must. Said best by Warren Buffet, "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently.”
Building and preserving that reputation through proactive incident prevention must be a top priority. Post-scandal PR efforts, and other attempts to recoup losses, prevent only a fraction of the long-term damage.
Added by Steven Minsky on April 17, 2017 at 10:30pm — No Comments
What is Domestic Political Risk?
Political risk refers to conditions and events that affect organizations and result from governmental decisions. It can have major effects on the profitability/expected value of economic action. Political risks…Continue
Added by Steven Minsky on March 21, 2017 at 9:54pm — No Comments
Cybersecurity vulnerabilities are a concern for every company in every industry. In 2016, 4.2 billion records were stolen during 4,149 reported data breaches. This doesn’t take into account breaches not noted in the public record.
According to a …Continue
Added by Steven Minsky on February 14, 2017 at 9:58pm — No Comments
IMPACT 2016 has come and gone, and risk practitioners from across the United States and Europe were thrilled with the results. IMPACT 2016 was differentiated by the passion behind real customer stories, all shared with actionable takeaways. Topics included third-party risk management, performance integration, cybersecurity, and reporting to the board.
LogicManager’s annual ERM…Continue
Added by Steven Minsky on November 30, 2016 at 5:01pm — No Comments
Added by Steven Minsky on November 21, 2016 at 6:00pm — No Comments
Wells Fargo recently paid $185 million in penalties – the highest fine levied by the …Continue
Added by Steven Minsky on September 23, 2016 at 7:00pm — No Comments
When building a business case for risk management software, independent validations of customer success stories speak louder than marketing claims. Winona Health won the 2016 GRC Value…Continue
Added by Steven Minsky on September 19, 2016 at 5:51pm — No Comments
Last year, we blogged about how to develop a successful ERM program. An important goal is fostering a risk-based company culture. This means everyone, not just the appointed risk managers, assimilates risk awareness and works it into their job description. That said, there are many factors that contribute to a healthy, risk-managing…
Added by Steven Minsky on September 8, 2016 at 3:30pm — No Comments
The words “data breach” are often met by a clamor whenever they make headlines. Home Depot, Target, Ashley Madison, Heartland, Citibank, the list goes on and on. These breaches spent time in the limelight because of their magnitude; they affected hundreds of thousands – in some cases millions – of cardholders.Continue
Added by Steven Minsky on July 28, 2016 at 10:00pm — No Comments
Risk is a double-edged sword for insurance companies. On one hand, customers buy coverage because their businesses face a variety of risks. On the other hand, risk management challenges for the insurance industry are numerous. These include risks like “underwriting, credit, market, operational,…Continue
Added by Steven Minsky on June 21, 2016 at 6:13pm — No Comments
Does your organization rely on vendors or other third parties? In the likely event that it does, are your vendor management processes as thorough as they could be? When performing risk assessments of both current and prospective vendors, it’s difficult to ascertain that every variable has been accounted for.…Continue
Added by Steven Minsky on June 17, 2016 at 5:53pm — No Comments
Plains All American Pipeline, a major player in the oil and gas industry, faces $2.8 million in fines, and a grand jury indicted the company on 46 criminal charges – four…
Added by Steven Minsky on June 9, 2016 at 4:00pm — No Comments
Back in August of 2015, we discussed a vulnerability in Android’s operating system that put both personal and professional data at risk. This is just one example…Continue
Added by Steven Minsky on June 2, 2016 at 4:51pm — No Comments
By this point, the Volkswagen scandal is old news (we first blogged about it last October). Yet details about the case continue to emerge, most…Continue
Added by Steven Minsky on May 19, 2016 at 4:27pm — No Comments
Cyberattack prevention measures will always be necessary. The constant threat of data breaches and other hacks is simply a fact of business. Priority targets are no longer limited to retailers and banks; insurers, hospitals, energy producers, and (most recently) a host of law firms are all at…Continue
Added by Steven Minsky on May 4, 2016 at 8:13pm — No Comments
Last month, the Consumer Financial Protection Bureau (CFPB) investigated Dwolla, an e-commerce and online-payment company. It found Dwolla guilty of risk management negligence regarding data security practices.
The investigation has some significant implications. Before we take a deeper look, here are a few key takeaways:
Added by Steven Minsky on April 20, 2016 at 6:02pm — No Comments
Risk Management's 3 Basic Steps
In order to be effective, risk management must involve three phases:Continue
Added by Steven Minsky on April 6, 2016 at 4:27pm — No Comments
A big mistake in risk management, especially when it comes to companies with newer programs, is underestimating the importance of standardized risk prioritization. Diving into identification and assessments without a sufficient framework inhibits prioritization. This can result in ineffective risk mitigation activities and duplicate work across…Continue
Added by Steven Minsky on March 17, 2016 at 4:56pm — No Comments
Regular risk assessments are one of the most important pillars of any risk management department. Although performing risk assessments is now considered best practice, it’s easy to overestimate their comprehensiveness. As a result, some risk managers are doomed from the start to mediocre results.
For a quick check on the adequacy of your risk assessments, determine how many of the following 5 best practices your program has ingrained in its ERM process.…Continue
Added by Steven Minsky on March 4, 2016 at 8:24pm — No Comments