enterprise (96)

Governance programs are the unsung heroes of 21st-century business operations. Their situation is analogous to that of football’s offensive line.

If an offensive line does its job, no one will notice it, but when something goes wrong, the spotlight shifts.

Governance personnel know this feeling all too well. Unwanted surprises – be they compliance notices, audit findings, or poor vendor relationships – are bad for business. Even a good surprise, like exceeding a sales target, can cause trouble i

Read more…

Nobody likes surprises in business. Using a risk-based approach to identify your organization’s likely vulnerabilities is highly recommended and vital to short-term and long-term success. Expanding regulations make compliance increasingly complex and expensive, and increases in deficient internal audit controls have heightened scrutiny of companies by the SEC, PCAOB, and investors.

Business surprises are preventable, but there are several common issues with risk identification that can be impossi

Read more…

Volkswagen has been side-stepping environmental compliance standards by “programming some diesel-fueled cars to turn on emission controls only when being tested.” In the days since this discovery, Volkswagen has been hit with over 30 federal lawsuits and a 40%+ decline in stock value, all stemming from the same source—poor Enterprise Risk Management.

In this case, poor risk management regarding their investment in diesel, without developing a mitigation plan for if the technology didn’t meet emissi

Read more…

ERM and Risk Appetite may Derail SoulCycle's IPO

Last month, SoulCycle, a well-known high-end cycling business, filed for an initial public offering. In the midst of this exciting transition from private to public, SoulCycle was hit with a lawsuit for violating the Credit Card Accountability and Disclosure Act. One might assume that the company was outed by a compliance agency or regulator. But, surprisingly, this lawsuit comes from a disgruntled former customer, Rachel Cody, who felt she was being "robbed" by the cycling mogul she once truste

Read more…

Jeanette Franzel, board member of the Public Company Accounting Oversight Board (PCAOB), recently spoke at the American Accounting Association (AAA), according to The Wall Street Journal. She says audit-oversight inspections show a twenty percent increase (since 2013) in internal-control deficiencies of company audits. Inspections also indicate that 36 percent of company audits now have internal-control deficiencies, which constitutes a threefold increase from five years ago.

Franzel indicated th

Read more…

Define Your Digital Strategy—Now


Enrique Suarez Presenting:

Define Your Digital Strategy—Now


Ross, Jeanne W.
Sebastian, Ina

Center for Information Systems Research (CISR)



Abstract: The confluence of social, mobile, analytics, cloud, Internet of Things, and other powerful, readily accessible technologies is disrupting businesses in all industries. Success requires a coherent digital strategy that is informed by the capabilities of these technologies. Leaders guide investment decisions by focusing on eithe

Read more…

This past April, an Air Force reconnaissance airplane caught fire. At the time, 27 airmen were on the plane, and all their lives were put in danger. What went wrong and caused this costly error? According to U.S. Air Force investigators, the mistake traces back to an error in vendor management. In this case, a vendor failed to properly secure an oxygen tank, resulting in a “highly flammable oxygen-rich environment that ignited.”

Findings also indicate that problems with the military contractor ma

Read more…

The New York Times author David Leonhardt recently published a puzzle that I recommend all governance personnel attempt. Take a second to give it a try before reading this blog, but if you’re pressed for time, I’ll outline the basic premise.

The puzzle asks that you find the rule in the following pattern of numbers by guessing other sets of numbers that may or may not obey the rule. The sequence that obeys the rule is:

New York Times puzzle for risk managers

You may think you have the puzzle figured out already, and if you guessed, say,

Read more…

Cybersecurity has been on our radar a lot lately, but that's thanks to the alarming number of recent, high-profile security breaches. Take a look at our recent blog post regarding a major flaw in the Android operating system, or our discussion of hackers' disturbing rate of maturity.

Federal officials recently broke up a long-term insider trading scheme

In early August of this year, it was announced that Feds succeeded in breaking up a hacking and insider trading scheme in which international hack

Read more…

The OCC released its “Semiannual Risk Perspective” and, perhaps as anticipated, banks continue to struggle plugging gaps in information technology practices.

Among the risks highlighted in the study, as reported by Joe Mont at Compliance Week:

  • Evolving cyber-threats and information technology vulnerabilities require heightened awareness and appropriate controls.
  • The high volumes and frequency of changes to information systems to address regulatory requirements, enhance risk monitoring reporting, an
Read more…

New Technology Brings New Risks

Our society runs on technology. We all rely on smart phones, laptops, and iPads and other tablets, all of which are linked to one another via the internet and a multiplicity of software programs. Technology is embedded in our credit cards, cars, and alarm systems. Our vendors are co-located in our work environments virtually and physically.

Increased technological capability brings increased technological vulnerability. Making technology secure is a continuous battle; some cyber threats are steal

Read more…

Morgan Keane made headlines in 2014 at the RIMS Enterprise Risk Management Conference in Miami, Florida, and has done so again in a profile now posted to PropertyCasualty360.com.

Keane highlights her work in reaching out to and educating over 7,000 employees at the Port Authority of New York & New Jersey, and her role with the RIMS Risk Management Society.

We commend Morgan on her fine work! For more information about how you can engage stakeholders and mature your ERM program, request a LogicMana

Read more…

Manage operational risk as a separate entity while budgeting for increased operational risk demands


New York City, NY – May 6, 2015 – marcus evans, the world’s largest event management group, will host the Operational Risk Management Conference on September 16-17, 2015 in New York City, NY. This conference will bring together risk leaders to examine the exposures brought on by operational risk and how these must be accounted for in the business model, as well as focusing on techniques for demonst

Read more…

Understanding Cyber Exposure

There is a weakness in cyber risk: the tendency to focus on the technical issues. They are necessary but not sufficient if you want to understand and manage all your cyber exposures, which I define as the vulnerabilities that arise as a result of activity using computers and the Internet. There is a great range of these vulnerabilities that are not being addressed.

An example would be the exposures that arise through the use of Social Media if not managed and controlled. For example, posts that reveal sensitive

Read more…

Disclaimer: Much of this article is based on the PowerPoint presentation Operational Excellence: An Integrated Business Execution System developed by Operational Excellence Consulting.

* * * *

In "The Discipline of Market Leaders," Michael Treacy and Fred Wiersema describe three distinct value propositions an organization can choose to compete in their market or industry:

  1. Operational Excellence,
  2. Product Leadership, and
  3. Customer Intimacy.

The core of the book is based on five years of research by the T

Read more…


Disclaimer: Much of this article is based on the PowerPoint presentation Lean Thinking 101 developed by Operational Excellence Consulting.

* * * *

Lean Management is a management philosophy based on the Toyota Production System (TPS). This management philosophy was coined "Lean" only in the 1990s. The objective of Lean Thinking is to eliminate everything that does not add value (i.e. "waste") from the customer's perspective.

The general approach to Lean is learn-by-doing and to foster a culture of

Read more…

There are a couple of common refrains we hear at LogicManager on a consistent basis. One is of particular concern to risk managers seeking to establish legitimacy and trust within their organization.

"My boss just doesn't get it."

The signs you're in this boat are noteworthy. You're rarely questioned about the legitimacy of the data you've collected. Feedback is positive, but nondescript (e.g. "We appreciate your work."). Your findings don't result in a change in direction, or worse, no one even

Read more…

The healthcare industry has grappled with HIPAA for nearly 20 years. The ever-changing, extensive piece of legislation mandates the protection and security of patients' private health information, and HIPAA compliance is a costly and time-consuming process for healthcare organizations.

With the amount of focus and effort directed towards HIPAA compliance, risk and compliance professionals at healthcare organizations can rest assured their patients' data is protected from hackers and data theft, r

Read more…

Since Darwin’s Origin of the Species we have recognised how nature adapts to survive.  Modern humankind continues to adapt to survive while following these two innate risk management principles:

•    If it hurts us we learn and take action in proportion to the degree of pain.

•    The next time we face the same pain we are better prepared and we go back for more and either avoid the pain or at least find a way of working to a new pain threshold.

Why history keeps repeating itself is simple really. 

Read more…

LogicManager Selected for Forrester GRC Wave

Forrester recognizes growing interest in consolidated platforms

GRC has been defined up until now as targeting specific requirements of a single department or function — typically IT, compliance, or health and safety.  Since 2005, LogicManager, a leader in ERM platforms, has taken a more holistic, enterprise approach to these functions, and with the Q1 2014 Wave, Forrester has adjusted its lens, consolidating its various GRC submarket reports to reflect a “growing customer interest in consolidate

Read more…

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the world's premier Risk forum and contribute to a better understanding of the complex world of risk.
