assessment (30)

Restructuring becomes essential at some stage in the lifecycle of any organization.  In order to emerge triumphant through this tumultuous challenge, it is necessary that the focus remains on the challenges impeding the organization, Strategy Development to tackle the challenges, and prioritizing Strategic Initiatives to deliver radical results that lead the organization to Operational Excellence.

Redeployment is the most significant phase in the Restructuring process.  Within Redeployment, the A

Read more…

One of the suites of the Business Analytics tools of Microsoft is Power BI. It is used for data analysis and sharing insights. Power BI dashboards give a 360-degree view to users of business with their most significant metrics in a single spot, updated continuously, and available on all of their devices.

This means Microsoft is bringing the power of data analysis and visualization to each user in the company and not simply the technical or IT group. Currently, companies can analyze and visualize

Read more…

Back in March, President Trump’s administration threatened to impose steep tariffs on imported goods from some of America’s biggest trading partners. In the following months, the administration set a 25% import tax on steel and 10% on aluminum. Just as I predicted, these decisions are impacting the supply chains of American businesses, forcing them to consider the effects this kind of tumult could have on their business.

In my first blog post on the subject, I detailed a few direct and indirect c

Read more…



Does your institution need cybersecurity insurance? Is it required? If utilized, are there rules? Cybersecurity insurance can protect against financial loss in the event of a cyber incident, but there are many intricate details.

The Federal Financial Institutions Examination Council (FFIEC) members have provided a joint statement to help financial institutions understand how cyber insurance impacts risk management and what institutions need to do when considering purchasing cyber insurance. The

Read more…

Are You and Your Vendors Ready for GDPR?


Don’t assume you’re immune from this European regulation with huge fines



All may be relatively quiet on the regulatory front in the U.S., but this May new privacy regulations are taking effect in the European Union, which will likely impact even the most provincial U.S. financial institutions.

The E.U.’s General Data Protection Regulation (GDPR), approved in April 2016, is much broader than the U.S.’s most well-known privacy regulations, the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance P

Read more…

The blows keep on coming for Wells Fargo. Within a year of their cross-selling scandal, two more scandals have risen to the top of news headlines.

In part one of this series, I set out to make good on a prediction I presented to business journalist L.A. Winokur. I predicted that after the dust settled for the original cross-selling scandal, Wells Fargo would remain vulnerable in other areas of its operations, lest they address the gaps in their risk management program.

In the time it took me to ex

Read more…

In a recent interview I had with business journalist L.A. Winokur regarding the Wells Fargo cross-selling scandal, I made a prediction: “Once the dust of this scandal settles, perhaps in two or three years, Wells Fargo will remain vulnerable in other areas of its operations to risk management failures.”

Lo and behold, the only part I didn’t get right was the timeline. In less than a year of paying $185 million in penalties, the largest fine ever levied by the CFPB, the bank finds itself in headl

Read more…

short course on cybersecurity risk

What's your biggest cybersecurity risk?  Chances are it's that you're using the wrong methods to assess that risk!

Douglas W. Hubbard, author of big sellers How to Measure Anything and The Failure of Risk Management, now has done a new book, How to Measure Anything in Cybersecurity Risk.  He and I are teaming up to offer a one-day short course on the subject at the Holiday Inn in Rosslyn (Arlington), Virginia, Thursday, October 6.  The course includes training in calibration of your risk assessme

Read more…

Where are there more homicides? Detroit or Michigan?

Most people would say Detroit, even though every murder in Detroit also takes place in Michigan. Our initial impressions, even those we have the utmost confidence in, can quickly and easily lead us astray. Avoiding such misconceptions is the value that risk assessments provide ERM programs.

Many risk managers we hear from rightfully criticize risk assessments designed around impact and likelihood to be too subjective, high level, and “fluffy”

Read more…

SME Lending: Get Redi to Get Funded

The tough conditions in the credit markets require small businesses to communicate and demonstrate their credit worthiness to satisfy exacting credit risk standards of lenders. Credit channels are open and loans are being made but strict federal regulations and heightened risk aversion by lenders places additional burdens on borrowers to demonstrate they are a good credit risk.
 
“You have to be prepared,” said Robert Seiwert, a senior vice president with the American Bankers Association. “If you
Read more…

SME Credit Repair

As the US economy slowly emerges from the great recession many small businesses are looking upon battered and bruised balance sheets and income statements.  Before the downturn they looked young healthy and vibrant but the distress of the credit crunch, high unemployment and record business closures has taken its toll.  Receivables growing longer in the tooth each month.  Write offs of bad debt up.  Client defections, pinched profit margins and market erosion due to decreased buying power, busin
Read more…

The third step in the Risk Management and Own Risk and Solvency Assessment Model Act (RMORSA) is the implementation of a Risk Appetite and Tolerance Statement. This step is meant to set boundaries on how much risk your organization is prepared to accept in the pursuit of its strategic objectives.

An organization-wide risk appetite statement provides direction for your organization and is a mandatory part of your assessment. As defined by COSO (one of the risk management standards measured in the

Read more…


The first step in the Risk Management and Own Risk and Solvency Assessment Model Act (RMORSA) implementation, Risk Culture and Governance, lays the groundwork and defines roles for your risk management function. The second step, Risk Identification and Prioritization, defines an ongoing risk intelligence process that equips an organization with the data needed for risk based decision making.

The engine behind this process – the enterprise risk assessment – isn’t a new concept, but organizations a

Read more…

A study published last week sponsored by Tripwire and conducted by the Ponemon Institute found that while over 80% of security and risk professionals consider their organization's commitment to risk-based security management significant, less than 30% had a formal risk management strategy in place.

Why does such a large gap continue to exist, even as the evidence piles up that organizations with a mature risk framework are better performing and more prepared for an uncertain future?

One hurdle tha

Read more…

Fifteen of the world’s top risk managers met recently at the 2013 RIMS Risk Summit. When the topic of reputational risk arose, the group struggled to develop a concrete value proposition, but unanimously agreed that no ERM assessment that failed to tackle reputation risk would be deemed complete by leadership.

Their recognition calls attention to one of the biggest hurdles confronted by risk managers in all industries when faced with high level risks deemed critical by the board or executive lead

Read more…

ERM Approach to Vendor Risk Management

What the Great Wall of China can teach us about Vendor Risk Management

A vendor risk management approach is all about creating centralized standards that transcend business silos, which is very different from the approach taken in traditional vendor management software. Vendor management needs tools with a risk-based approach to overcome their difficulty of objectively putting the vendor compliance pieces together across legal, purchasing, security reviews, and accounts payable silos for contrac

Read more…

TSA adopts Enterprise Risk Management

Risk management is not about absolutes, it is about using a consistent analysis framework for balancing risk and cost on a common basis across the enterprise. Yesterday's announcement by the Transportation Security Administration (TSA) of their adoption of a risk-based approach is a long awaited practical application of enterprise risk management to security.

As of April 25, 2013, the TSA will allow small pocketknives and an array of sporting equipment -- banned from aircraft cabins in the wake of t

Read more…

Looking back over my most popular blogs, there was a lot of interest in 5 Steps for Better Risk Assessments and How to Consolidate Compliance Risk Assessments. Due to this interest I have created a complimentary 30 minute webinar on streamlining enterprise risk assessments complete with detailed "how to" examples and visuals that are not possible in a blog format.

Click here to watch this On Demand Webinar or read the full invitation below:

On-Demand Complimentary Webinar Invitation:

Organizations

Read more…

Poor Risk Management and Stinky Diapers

A chemical plant explosion in Japan on Sunday shows the consequences of poor risk management in a really personal way. The Nippon Shokubai Co. produces a chemical that is a critical link in the supply chain for one-fifth of all the world's diapers. A diaper shortage is expected.

One, where was the risk management program to prevent the explosion? As is always with these things, in the next 6 weeks, evidence of an employee warning their management about conditions that could result in an explosion

Read more…

The National Credit Union Administration (NCUA) by mandate has added Enterprise Risk Management (ERM) and Sarbanes-Oxley (SOX) like financial reporting attestation compliance to the list of required activities for credit unions. Why has the NCUA put SOX, or financial reporting attestation, and ERM in the same ruling?

The NCUA has recognized that all regulatory compliance guidelines have required a risk assessment component, so it is only natural to require an Enterprise Risk Management (ERM) prog

Read more…
