The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.
Supply Chain
Posted inEurope
German supply chain draft legislation expected to have far-reaching effect
Companies of a certain size with ties to Germany must soon establish robust due diligence procedures to prevent human rights and environmental abuses both within the course of their own business activities and within their global supply chains.
Posted inEthics & Culture
Guiding FedEx through pandemic, Justin Ross named CCO of the Year
Companies across the globe faced a true test of competency this past year. FedEx passed the challenge with flying colors under the oversight of Justin Ross, CW’s CCO of the Year at the 2021 Excellence in Compliance Awards.
Posted inRisk Management
Bracing for impact: Supply chain risk management post-Suez Canal blockage
A month has gone by since a 1,300-foot cargo ship ran aground and blocked one of the busiest waterways in the world. For many industries, the ripple effects will continue to batter global supply chains for weeks to come, absent having in place a sound supply chain risk management program.
Posted inRisk Management
USTR threatens tariffs on 6 trade partners in response to digital taxes
The United States Trade Representative is seeking public comment on the potential implementation of tariffs of up to 25 percent on a long list of goods by six U.S. trading partners, including the United Kingdom.
Posted inInternal Controls
Suez Canal blockage serves as reminder for key supply chain risk lessons
The grounding of the Ever Given is the latest unexpected incident to cause severe supply chain disruptions around the world. The lessons learned from others, such as the coronavirus pandemic, are just as relevant, writes Aaron Nicodemus.
Posted inEthics & Culture
Northern Ireland turns up heat on modern slavery transparency
Northern Ireland Justice Minister Naomi Long has launched two consultation documents on measures to eradicate modern slavery from the supply chains of public- and commercial-sector organizations.
Posted inInternal Controls
SolarWinds hack turning into Pandora’s box of cyber-risk
The more we learn about the SolarWinds hack, the more troubled compliance officers should be by the scope and breadth of the risks their companies might have incurred.
Posted inInternal Controls
Learning from SolarWinds: Five steps to fortify your cloud supply chain
For most companies, supply chain risk management traditionally focuses on managing physical third-party risks. But what the SolarWinds cyber-attack revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.
Posted inInternal Controls
Assessing 2020: Lessons learned for the financial crime landscape
This year has been one most of us would like to forget. As we look toward 2021, nevertheless, it is worth considering lessons learned over the last 12 months and (where possible) drawing on any positives that have come to light regarding the financial crime landscape.