grc (87)

Michigan State University has employed a new Chief Compliance Officer in response to the Larry Nassar scandal. By creating an Office of Enterprise Risk Management within the university, MSU is getting on the right track.

Earlier this year, former MSU doctor and USA gymnastics coach Larry Nassar was charged with sexually assaulting 332 students. Shortly after this story broke, Michigan State was embroiled in two other sexual harassment scandals and has since struggled to escape the spotlight.


Read more…

Back in March, President Trump’s administration threatened to impose steep tariffs on imported goods from some of America’s biggest trading partners. In the following months, the administration set a 25% import tax on steel and 10% on aluminum. Just as I predicted, these decisions are impacting the supply chains of American businesses, forcing them to consider the effects this kind of tumult could have on their business.

In my first blog post on the subject, I detailed a few direct and indirect c

Read more…

Chief risk officers and heads of operational risk responded to a survey held by and identified their top risk concerns. Their number one concern was IT disruption, while their second highest concern was data compromise. Why is cybersecurity risk on everyone’s mind?

For one thing, technology is an inescapable reality of every business. Even the smallest of mom and pop shops have an electronic system to make credit card transactions, while larger corporations rely on immense data centers t

Read more…

Year over year, scandals like Wells Fargo, Equifax, Chipotle and so many others have dominated news headlines as they wreak havoc on consumers and investors and awaken industry and government regulators. What is driving this trend?

Consumers have entrusted corporations with increasing involvement and influence in their lives through the decades. In 2014, for example, the Supreme Court ruled that corporations have some of the same rights and responsibilities as natural persons. In other words, corporatio

Read more…

Wells Fargo has suffered the consequences of repeat scandals since 2016. This week, the bank agreed to a $1 billion settlement with federal regulators who have cited their lack of effective risk management practices as the root cause of their woes.

This settlement with the Consumer Financial Protection Bureau and Office of the Comptroller of the Currency would be another blow to Wells Fargo in a long line of many.

Let’s look at a timeline of Wells Fargo’s risk management scandals:

  • 2009-2016 – Wells
Read more…

On Sunday, April 1, retail group Hudson’s Bay disclosed that it was the victim of a security breach that compromised data on payment cards used at Saks Fifth Avenue and Lord & Taylor stores in North America.

As many as 5 million cards may have been compromised, which would make the breach one of the largest involving payment cards over the past year.

Customers, investors, and regulators learned of this breach not through any press release issued by the company itself, but through news of the data a

Read more…

Orbitz said hackers may have accessed 880,000 credit card numbers and possibly the names, dates of birth, phone numbers, and addresses of consumers who booked through the site in 2016 and 2017.

The Orbitz data breach pales in comparison to the Equifax hack of 2017 and has been buried among headlines concerning Facebook. For many, this story barely counts as “news” because it’s just honestly not that “new.”

For me, the humdrum attitude of complacency is what makes the Orbitz data breach blogworthy.

Read more…

According to reports uncovered earlier this year, Volkswagen conducted diesel-emissions testing on humans and animals from 2013 to 2015.

This report is the latest development in a global scandal which revealed that VW diesel cars were emitting 40 times the legal standard of nitrogen oxide, causing smog and posing risks to public health. Volkswagen has already issued a guilty plea in response to federal charges of fraud and conspiracy in the United States and agreed to pay more than $26 billion in

Read more…

Facebook’s market capitalization dropped as much as $60 billion after reports emerged that Cambridge Analytica, the data consulting firm used by the Trump Campaign, was given the data of around 50 million Facebook users without their consent.

The Cambridge Analytica scandal is the latest in a series of risk management failures that have plagued the social networking company, which has been grappling with its role in the dissemination of fake news propaganda during the 2016 U.S. presidential elect

Read more…

The Forrester Wave™: Governance, Risk, and Compliance Platforms, Q1 2018 evaluates and ranks the 14 most significant GRC platforms available, and LogicManager has been named a Leader! But beyond measuring the current offering, strategy, and market presence of GRC providers, the report also dives into the current risk climate.

As the report states, “Managing risk is more important than it’s ever been.” In support of this statement, the report points to three growing trends in the corporate world:

Read more…

The Securities and Exchange Commission charged Theranos Inc., its founder and CEO Elizabeth Holmes, and its former President Ramesh Balwani with raising more than $700 million from investors through an elaborate fraud in which they made false statements about the company’s technology, business, and financial performance.

The way I look at it, the board was either in on the Theranos scandal, or they weren’t aware of what was going on. Either way, the board was not performing their moral and legal

Read more…

This month, Tiger Brands, the major food conglomerate in South Africa, is entangled in a major scandal. 950 have fallen ill and 180 people have died from listeriosis, which makes this the biggest food-borne illness outbreak in history.

In the unraveling of this scandal, I see a proof point for two growing trends:

First, enterprise risk management, although a relatively new industry and discipline, is globalizing. In the U.S., companies like Chipotle and Wells Fargo fail to tie their scandals to th

Read more…

The Federal Reserve’s unprecedented sanctions against Wells Fargo, announced on February 2, 2018, are a warning to bank boards: Directors, not just management, will be held accountable for failures in risk management that result from a lack of proper oversight.

In addition to having to replace four of its board directors, the sanctions are constraining Wells Fargo’s growth. The Fed is prohibiting Wells Fargo from growing its balance sheet beyond the $1.95 trillion it held at the end of 2017. The ba

Read more…


Oxfam, one of the UK's biggest charities, was exposed this month to have had 87 claims of sexual exploitation and abuse involving its workers in the year ending April 2017, a 36% increase on the previous year.

In light of the ongoing Oxfam scandal, the Charity Commission, the UK’s charity regulator, has launched an investigation of 179 British charities and agencies. So far, they have uncovered new claims alleging more than 120 workers have been accused of sexual abuse in the past year across 26 UK c

Read more…

With an effective enterprise risk management program, risks at vendor facilities would be uncovered and prioritized, and mitigations would have been put into place.

On February 16, 2018, the FDA announced that low levels of an animal euthanasia drug were detected in canned dog food produced by the J.M. Smucker Company. Smucker stock dropped by 3%, resulting in a loss of more than US$400 million in market value.

In a statement, the company said that it had “identified the root cause to be a single

Read more…

Managing Risk in a Global Trade War

The announcement by U.S. President Donald Trump that his administration would be imposing tariffs on foreign imported steel and aluminum threatens to send the U.S. and its trading partners into a global trade war.

Prices of U.S. domestic steel are up approximately 20 percent since the beginning of 2018. This is due to expectations of “protectionist measures, which could prove a significant drag on steel consumers like the machinery, motor vehicle, and construction industries,” Capital Economics a

Read more…

Recently, Forrester Research published “GRC Vision 2017-2022: Customer Demands Escalate As Regulators Falter,” which explores challenges the GRC industry will inevitably face as it develops, and the proven solution that enterprise risk management provides. We’ve broken this report down to reflect our key takeaway: Approaches to governance, risk management, and compliance (GRC) must now consider the company’s consumer base, reputation, and ethical conduct.

Traditionally, approaches to GRC entail r

Read more…

When building a business case for risk management software, independent validations of customer success stories speak louder than marketing claims. Winona Health won the 2016 GRC Value Award, granted by industry analyst firm GRC 20/20. Winona’s rapid success with risk management software is just one example of how powerful and versatile deployments are when they have true risk-based support, robust taxonomy technology, and flexible Software-as-a-Service deliveries.

As described in the cas

Read more…

According to QuickBase CEO Allison Mnookin, “The low-code market has finally arrived.” Citizen development is helping enterprises slash IT backlogs and is empowering business users to build self-service solutions, particularly in the governance, risk, and compliance space.

When it comes to customizing and developing applications, it is often a catch-22. It can be difficult to get feedback without a prototype, yet you don’t want to develop a mockup until you understand exactly what the requiremen

Read more…

As a leader of an organization, one of the most important tasks is managing enterprise governance, risk, and compliance (GRC). At its core, a compliance program is a set of internal policies and procedures that are put in place at an organization to ensure compliance with all laws and regulations.

A robust compliance program is especially important in the wake of increasing regulations such as SOX, PCI, and HIPAA and the rapid transformation that has occurred in technology over the l

Read more…

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the world's premier Risk forum and contribute to better understanding of the complex world of risk.