As with so many regulatory mandates, the development of an ORSA Summary Report is dependent upon much more than just data. Regulators are looking beyond the final numbers to determine if organizations are meeting the mandate, and the process used to get that final report is under equal scrutiny. While your organization’s risk management framework […]
Risk Management
Posted inAnti-Bribery
Are Your Business Partners Letting the Hackers In?
For Target, it was a heating and air conditioning company. At a large oil company it was a nearby Chinese restaurant. Hackers increasingly use third-party relationships to gain access to computer networks and steal data. The trend means that companies need to conduct even better due diligence on third-party relationships than they do already. And here’s the hard part: Even the smallest, most insignificant relationship can be the avenue for a breach. More inside.
Posted inRisk Management
HHS’s Plan to Target Data Security in 2015 Means More Audits
The Department of Health and Human Services plans to raise the bar on data security in the healthcare industry in the year ahead. The renewed focus likely means more audits and enforcement actions for providers and insurers. On HHS’s checklist are required contingency plans that establish procedures for responding to an emergency in the event that systems containing personal health information are damaged. More inside.
Posted inRisk Management
SWIFT to Offer KYC Service for Banks
Financial services firms will soon have at their fingertips a new report offered by SWIFT that provides a global overview of a banking institution’s correspondent banking activities. The new service will be available in January 2015 and forms part of SWIFT’s Know Your Customer (KYC) offering, which is designed to address the growing KYC challenge for banks. Details inside.
Posted inAccounting & Auditing
Auditor Evaluation Report: Peer Benchmarking, Auditor Profile and Risk Indicators for the Audit Committee
There are two truths about corporate compliance: No universal solution exists for all businesses, and everyone wants to know what everyone else is doing. As part of our effort to better serve the compliance community, we are pleased to introduce Compliance Week Data & Research Division. With this report, we listen to your company’s specific […]
Posted inInternal Controls
The Real Data Breach Risks Are Right Under Your Nose
While companies fret about shadowy hackers based in Russia and China hell bent on stealing customer information, employees—not cyber-criminals—pose the biggest threat to create data breaches and data loss, according to a recent study. Ungoverned and negligent file-sharing by employees is hitting epidemic proportions: More than half of respondents to a recent survey say they ignore company deletion policies or use unapproved file-sharing apps at work. More inside.
Posted inAnti-Bribery
TRACE Launches Business Bribery Risk Index
Image: Title: WrageNov. 11—TRACE International has announced the launch of the TRACE Matrix, a business bribery risk index aimed at the compliance community. Developed in collaboration with research firm RAND, the TRACE Matrix focuses specifically on business activity, rather than broad corruption measures, providing companies with the ability to assess their anti-bribery risks is various countries. “The TRACE Matrix provides the compliance community with a clear guide to business bribery, focusing specifically on the data that is relevant to business activity,” said TRACE President Alexandra Wrage. Details inside.
Provided by
White Paper: Identifying Vendor Risk
An effective vendor relationship management program starts with knowing what the risks are. You can’t manage what you don’t know; therefore, you need to create assessments that help you clearly identify the risks of doing business with third parties. This includes vendors, service providers, suppliers, contractors, and other people and companies with whom you have […]
Posted inRisk Management
Managing Cyber Risk: Are Companies Safeguarding Their Assets?
To get a better grasp on how U.S. boards are handling cyber security roles and responsibilities, NYSE Governance Services, Corporate Board Member and RSA, in association with EY, surveyed more than 200 audit committee members this spring on a variety of issues regarding their cyber risk oversight program. This paper will outline the top-line issues surrounding cyber risk oversight and highlight the findings of our study on directors’ opinions related to their role in cyber risk oversight.
Posted inRisk Management
Risk Intelligence: Harnessing Risk, Exploiting Opportunity
This RSA white paper explains how organizations can change discussion about risk from the “risk landscape” to the “opportunity landscape.” Organizations need to show how proactively managing risk becomes an enabler to explore opportunities, rather than simply avoiding landmines.
