With so many risk management standards and government regulations out there that require risk assessments, how should internal audit evaluate the effectiveness of your organization’s risk management program? How would you apply any one of these frameworks to an audit? How do you meet the reporting requirements of so many external stakeholders from regulators to investors…
Added by Steven Minsky on April 29, 2011 at 3:30pm — No Comments
If you’re considering automating your governance, risk, and compliance (GRC) program there are dozens of choices out there and choosing the one that’s best for your program can be challenging.
While many tools out there can document controls and test compliance, managing enterprise-wide governance, risk, and compliance is about much more. It’s about adding…Continue
An organization-wide risk appetite can be a powerful statement that gives your risk or compliance program direction. However, like any policy, risk appetite without accompanying action is nothing more than an idea.
So how do you give your risk appetite teeth? How do you make it an actionable guide for your…Continue
The nuclear crisis still unfolding at Fukushima Daiichi continues to threaten a meltdown as core temperatures and radiation leaks continue to fluctuate. The disaster is one of the worst nuclear disasters in history. However the vulnerabilities at the power station are not isolated to Japan or utility companies; they are common risk management shortcomings in operational practices seen in every country and every…Continue