On March 29, 2018, Under Armour announced that the data of over 150 million users of the MyFitnessPal diet and fitness app was exposed in February of this year.

User data included usernames, emails, and passwords. The company put a PR spin on the breach by disclosing that government-issued identifiers like Social Security and driver’s license numbers, as well as credit-card information, weren’t compromised. In an email to MyFitnessPal users, Under Armour emphasized the affected passwords were “ha

The Never-Ending Journey: In Search of Product-Market-Fit

You know that reporting is essential to a successful Vendor Risk program... it helps you highlight problem areas and prioritize your time spend. It can also help you to assess more vendors, score questionnaires faster and better demonstrate to management and regulators the breadth and performance of your program. To learn which reports are essential for a successful program, download The 8 Reports You Need for Effective and Efficient Vendor Risk Management, 

A few years ago, insurers were busy trying to figure out what IoT was and what it could do. But spotlighting the technology, all too often led to products and services with little customer appeal.

The lesson was clear – put customers front and center and develop services that build an exceptional experience around a device. To put it simply, the value is not in the technology itself, but in the service proposition that the technology enables.

Making the most of today’s technology, today

There are

My last few blogs have been about the boardroom. The need to tap into the board’s experience, by asking them the right questions and the approach management should be taking in their relationship with the board. This blog is about ensuring the board’s oversight is first class, triple A if you like.

Management and the board are making decisions under uncertainty. Therefore, the board needs two things to help ensure appropriate oversight. One is a sound decision-making process to manage blind spots

Facebook’s market capitalization dropped as much as $60 billion after reports emerged that Cambridge Analytica, the data consulting firm used by the Trump Campaign, was given the data of around 50 million Facebook users without their consent.

The Cambridge Analytica scandal is the latest in a series of risk management failures that have plagued the social networking company, which has been grappling with its role in the dissemination of fake news propaganda during the 2016 U.S. presidential elect

Forget the Federal Reserve and its prohibition against Wells Fargo’s further growth until its governance and risk management improve. Wells Fargo is now answering to Sister Nora Nash of the Sisters of St. Francis of Philadelphia.

The much-maligned bank has agreed to publish a business standards review to “investigate the root causes of systemic lapses in governance and risk management that have led to ongoing controversies, litigation and fines” in response to resolution filed for the 2018 proxy

Designing for Digital—Lessons from Spotify

Source: MIT CISR

Abstract: To remain competitive, established companies are increasingly recognizing the need to develop digital offerings. Digital offerings, however, are dependent on software. Unlike traditional products and services, software-based offerings constantly evolve in response to both customer demands and new opportunities to address customer needs. To support digital offerings, companies must adopt new organizing principles—specifically, em

There is temptation in the world of management. With regulatory scrutiny increasing and cost a concern, free vendor management checklists seem like an easy solution. But is that free checklist going to cost you down the road?

My experience says yes.

Free vendor management checklists are a disaster waiting to happen. From misclassifying vendor risk and misallocating resources to failing to provide an actual process for execution, vendor management checklists lack the nuance needed to help an instit

The Forrester Wave™: Governance, Risk, and Compliance Platforms, Q1 2018 evaluates and ranks the 14 most significant GRC platforms available, and LogicManager has been named a Leader! But beyond measuring the current offering, strategy, and market presence of GRC providers, the report also dives into the current risk climate.

As the report states, “Managing risk is more important than it’s ever been.” In support of this statement, the report points to three growing trends in the corporate world:

Do you think of your board as your customer? You probably do. If you don’t this might give you some food for thought:

In his book EMERGENT, Stephen Scott Johnson talks about the old ways of building a relationship with your customer and the new, EMERGENT ways. His focus is heavily on co-creation. It’s more partnering than servicing.

A board and executive are operating in partnership. That means there should be a lot more co-creation than reporting. In EMERGENT, Johnson provides a long list of the

Do you ever use the same password over and over again for different accounts? If so, you are not alone. However, this is quite dangerous. It’s best to use a different, unique password for each account, and to make it easier, you should use a password manager.

According to surveys, people understand that they should use unique passwords, and more than half of people get stressed out due to passwords. Furthermore, about 2/3rds of people said that they had forgotten a password or that a password iss

Zero to $50M – A Roadmap of the Key Stages, and How to Win at Each Stage

The Securities and Exchange Commission charged Theranos Inc., its founder and CEO Elizabeth Holmes, and its former President Ramesh Balwani with raising more than $700 million from investors through an elaborate fraud in which they made false statements about the company’s technology, business, and financial performance. 

The way I look at it, the board was either in on the Theranos scandal, or they weren’t aware of what was going on. Either way, the board was not performing their moral and legal

This month, Tiger Brands, the major food conglomerate in South Africa, is entangled in a major scandal. 950 have fallen ill and 180 people have died from listeriosis, which makes this the biggest food-borne illness outbreak in history.

In the unraveling of this scandal, I see a proof point for two growing trends:

First, enterprise risk management, although a relatively new industry and discipline, is globalizing. In the U.S., companies like Chipotle and Wells Fargo fail to tie their scandals to th

marcus evans will host the Innovation in Insurance Pricing Conference on May 23-24, 2018 in New York. This conference will give insurance firms a critical insight and the practical expertise to innovate their pricing techniques within their personal lines. Delegates will understand how to enhance their data analytics and leverage big data to augment the quality and efficiency of current pricing strategies, in order to out price their competitors. You will develop your strategy to align insurance

Competition and Business Strategy in
Historical Perspective -Harvard Business
School Note

I taught this course at IFAG, Lyon, France, back in 2009 as part of a Fourth Generation Management course (the Deming Philosophy of Management) to national (French) and international students from all over the world.

This course presented a nice summary of competition and business strategy in historical perspective so that the students can understand the evolution of business and management ideas that shaped

Last week my blog was about the need to tap into board experience. Today I write about how boards need to be asked the right questions to provide their experience, to lead. Executive teams should ask their boards quite explicitly:

• About Risk – What risks do they see with the strategy? What emerging risks to the organisation do they see from their experience outside of the boardroom.

• About Opportunity – What opportunities do they see to improve the strategy? What opportunities do they see that the