Category Archives: Risk Management

“Why Excel is just not good enough” – Part 1

I was on a call the other week with the Enterprise Risk Manager of a relatively sizable multi-national corporation (over 20,000 employees across a few hundred locations on nearly every continent), and she said something that got me thinking. She said, “For us, right now – Excel is good enough.” I responded by saying […]

Ransomware Cyber-Attacks: Best Practices and Preventive Measures

RANSOMWARE CYBER-ATTACKS

“WanaCrypt0r 2.0,” or “WannaCry,” an unprecedented global ransomware cyber-attack, recently hit over 200,000 banking institutions, hospitals, government agencies, and other organizations across more than 150 countries. The ransomware encrypted user data and demanded a payment in bitcoins to unlock the data. The companies that were hit included Telefonica – Spain’s largest telecom provider, […]

Uncover and Mitigate Third-Party Risks

Third parties have become an integral part of any business operation. However, the threats and issues arising from third-party engagements require enterprises to gain an in-depth understanding of their entire global third-party ecosystem. Failing to curb third-party risks can lead to severe reputational damage and loss of stakeholder and customer trust, but assessing third parties […]

Eluding Operational Risk Failures in Banks

The solidity of banks and financial institutions was tested in the financial crises of 2003 and 2008. The best of banks were shown to have poor governance frameworks, overlooked internal controls, and inadequate monitoring of loss exposures. Although the core reason for the crisis was liquidity risk and credit risk, a […]

Crowdsourcing: Enriching Corporate Data for Risk Management

Crowdsourced information from internal and external sources can enrich insight generated by governance, risk and compliance (GRC) teams to help companies mitigate risk and perform better in challenging environments. The public and collaborative nature of unstructured shared data sources (such as social media) can bring issues of interest to light faster than they may show […]

Principles of an Effective Cybersecurity Strategy

Managing Cybersecurity Risks

A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as an afterthought. These include a rapid increase in the number of internet-connected devices, an increased dependency on third-party applications, and self-provisioning as a result of bring-your-own-device and public cloud. Add to these, unprecedented levels […]

Basel IV: The Next Step for Capital Requirements

Basel IV will certainly have operational impacts on the day-to-day governance and risk management of financial institutions – but it also stands to have a wider impact on the competitive banking market. These effects could include industry consolidation and a change in banking portfolios, which could eventually lead to a reduction in choice for their […]

Governance at the C-Level: The Evolution of the CRO and Other Factors Driving Risk Management

Organizations continually adapt as markets, operating environments and demands change. Business roles, responsibilities and management structures have shifted in the face of today’s mobile, social, global and networked world. To keep pace with this change, responsibility for governance, risk management and compliance (GRC) has moved up the hierarchy and, appreciating its significance in driving business […]

Risk-based Thinking: Does it Really Matter for Quality?

“Risk-based thinking”, as an approach, has left organizations torn between whether this approach really matters and makes a difference to the business or whether their risks are addressed the way they should be. With the revision of ISO 9001:2015, this confusion spread like wildfire. Stringent compliance requirements and timelines have instigated a sense […]