An interesting post for anyone talking internally with their team on building a homegrown solution versus purchasing a solution to streamline Third-Party Risk Management. Of course, it's written from the perspective of a software vendor (that's what we do) but the benefits of having a voice in the discussion of what goes into the next generation of a product as a customer in a community of like-minded individuals or knowing that multiple times a year new features will be added can influence this
All Posts (5855)
Sort by
Inspire, Enable, Engage, Empower Your Workforce as Never Before and take your Leadership Team toward Becoming Strategic Leadership
Dr. Ted Marra
Professor Dr. Emeritus, Strategic Leadership, Cotrugli Business School
Sr. Partner, Insights Paradigms
The author of the popular online course: Becoming the Strategic Leader in 6 weeks by Cultivating Your Strategic Thinking
Background
For some years now I have watched organisations around the world talking about how their employees are their greatest asset, y
What is a credit freeze? It’s an action you take to lock down your credit report. A lender can’t see your score, which means your Social Security number and credit rating is useless to them. In other words, they can’t tell if you are risky or not.
When an identity thief can access your ID aka Social Security number, they can also create credit in your name. However, if your credit file is frozen, the bad guys can’t access it any longer. With a credit freeze, your credit file is inaccessible.
To ge
Security experts are observing a rising level of malware strains, which are trying out the Spectre and Meltdown vulnerabilities.
As reported by the researchers from Fortinet, AV-TEST, and Minerva, a number of crooks test the publicly available proof-of-concept (PoC) computer code for the Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754) vulnerabilities.
AV-TEST experts have identified 119 virus samples, which are linked to the above-mentioned chip vulnerabilities.
Virus samples d
By Daniel Nunes-Vaz, Senior Research Executive, Center for Financial Professionals.
In recent years operational risk has grown as a discipline and is now viewed as an integral aspect of any risk management department. This is predominantly a consequence of the most recent major financial crisis where the management of operational risk was partly blamed as a significant contributory factor in the collapse of global markets. Since then, the risk management and operational risk landscape has chang
Did you know that according to research every year 2 million individuals enter leadership positions and 60% fail?
According to Dr. Ted Marra, most often the root cause is a failure to think strategically.
Research says most executive development is disconnected from the real needs of the organization and those who must lead it.
Learn what it takes to transform yourself to become a Strategic Leader.
1. What are the certain actions performed by Level 5 leaders which separate them from the rest o
Certified ethical hacker training is commonly denoted as the course that teaches you to break through your own or your company’s computer/s in a legitimate and official manner to find out the existent vulnerabilities and to assess the safety bearing of the target system. Certified ethical hackers use the same tools and knowledge that malicious attackers exploit and execute the indicated defensive, counteractive and protective actions to protect the system from any breach in future.
The ethical ha
Last week I read an article by The Boston Consulting Group called Business of Business is No Longer Just Business. In it they describe the heightened levels of uncertainty facing business leaders using examples of political, economic and technology upheavals. They went on to describe five things leaders should embrace to manage complexity:
- Build multilevel scenario analysis skills
- Become more resilient
- Shape the system
- Recreate the narrative
- Reframe leadership
In my mind they are asking leaders in org
Northwestern Mutual’s Digital Transformation: Redesigning IT
Source:
MIT-CISR
Author(s): Sebastian, Ina, Beath, Cynthia M., Ross, Jeanne W.
Type: Working Paper
Topics: Design/Management of the IT Unit, IT-based Business Transformation
Date: 2017-10-26
Abstract: While in 2017 Northwestern Mutual had been in business for 160 years, management believed that success in the digital economy would require delivering digital products and services to extend the value that customers were receiving from the compa
Digitized ≠ Digital
By:
Ross, Jeanne W.
Beath, Cynthia M.
Sebastian, Ina
MIT CIRS
Abstract: To succeed in the digital economy, companies need to be both digitized and digital. Despite the similarity of the words, there is a big difference. Digitization is an operational necessity and involves standardizing business processes. To become digital, leaders must articulate a visionary digital value proposition for customers and deliver it in the form of digital offerings. This briefing clarifies what is in |
Recently I was listening to an interview with retired Australian cricket captain Michael Clarke. He was asked how he felt when he scored his first century (100 runs) for Australia. He described incredibly strong emotions. The interviewer then commented how funny it was that a score of 98 had no comparison. Clarke agreed wholeheartedly.
It reminded me of a section in my book DECIDE How to Manage the Risk in Your Decision Making, titled Beware of Milestones. In it I tell stories about three elite s
As you likely know, GDPR (the EU’s new General Data Protection Regulation) takes effect in May 2018. Are you ready? If your organization stores or processes EU citizen or resident personal information – any information that can be used to directly or indirectly identify someone – you need to know about GDPR.
But did you also know you that you are responsible for the personal data managed by your third-party vendors? Enterprises are responsible for the EU personal data managed by their own third p
IT has become an integral part of many organizations, both small and large. While some companies have an in-house IT and software team, others prefer to outsource. In some instances, even the former at some point may need to outsource the services of an IT solution company. There are numerous IT companies in the market. As a result, it can be confusing to choose a suitable one. Below are some important things to consider when choosing an IT solution company.
- Company’s previous work
Consider whethe
How To Measure The Business Value Of Your Digital Transformation: Can Industrial Era Metrics Mislead You Into The Wrong Decisions And Failed Digital Transformations?
Towards new holistic strategy execution measure of risk and performance for digital transformations
Over 50% of the “2000-Fortune 500” does not longer exist and according to Cisco’s John Chambers, “probably 40% of today’s businesses will fail in the next 10 to 15 years; 70% will attempt to transform themselves digitally, but only 30%
Think about how great this would be: Imagine that all of your company data is safe from hackers. Your hardware is totally safe and secure. You have IT specialists at your disposal at all times and have a constant flow of cash to pay them.
Unfortunately, this is a fantasy for most of us. No matter how secure we think our network is or how much we pay our IT people, there is always a chance for a data breach. Does this mean we should stop the fight, though? No way.
Instead of throwing in the towel,
Chipotle needs risk management rehab. In less than two years, the Mexican grill has changed CEOs twice in an effort to regain their once-held reputation as a beloved fast-food chain. A new CEO, however, isn’t the solution. Multiple cases of food-borne illness before, during, and since executive switch-ups have proven the restaurant needs to adopt a stronger enterprise risk management process.
Let’s consider a timeline of events:
- 2015 – coli outbreaks linked to Chipotle restaurants were detected by
The December 2017 Verizon Data Breach Digest focused on the use of cloud services and is worth a read. The Digest identified key issues that you should be aware of:
- Location of Systems and Data – If you need to access your cloud assets do you know where it is? Know that there are different rules governing cyber facilities in different jurisdictions which may, or may not, be a concern.
- Physical Access – If you need access to your data and services will it be allowed and facilitated?
- Forensic access
Join Global Risk Community for a webinar on How To Identify And Measure Your Strategy Execution Risk
What sank the Titanic and is sinking some of our great companies? What will separate future winners from losers?
50% of the Fortune 500 companies in the year 2000 do not longer exist because they were not able to measure and predict their strategy execution risk and link their decisions to the results of their decisions.
By the end of the webinar you will be in a better position to identify the ri
Steve, one of my clients, sent me this article from the Harvard Business Review Overcome Resistance to Change with Two Conversations. I liked the article for two reasons. One because it talks about conversations and I am nearly finished writing a new book called Winning Conversations: How to Engage (Even around Risk or Bad News) - watch this space. And the second because it talks about resistors, or as I referred to them in the subject line, poo poo-ers.
The resistors got my attention because so
