All ERM articles – Page 3
-
Article
Taming Vendor Risks Continues to Flummox Compliance Programs
Image: Vendor risks driving you crazy? Well, you are not alone. In a recent survey compliance and audit professionals gave their vendor risk management programs an overall score of only 2.8 on a 1 to 5 scale. Thankfully, corporate boardrooms are paying more attention now. “It’s risen to a level ...
-
Blog
Breaking Risk Management Down to Manageable Size
Effective risk management may seem daunting, and many companies say they fell victim to misconduct because nobody ever considered whatever risk event came to pass. The reality, Compliance Week columnist Rick Steinberg writes, is that many risks have happened before, and companies can anticipate them. Inside, he reviews the building ...
-
Blog
Mid-Year Look at Corporate Compliance in 2015
Image: Six months ago Compliance Week Editor Matt Kelly picked six events to watch in corporate compliance for 2015: political risk, Republican activism, confusion over revenue recognition, and more. With the year half over—and in the interests of holding people accountable, including Compliance Week editors—now seems a good time to ...
-
Blog
Get Ready For the Biggest Stress-Test of Them All
Image: Greece in default, China teetering on recession, stock markets shuddering worldwide and interest rates poised for their first increase in years—suddenly, all those exercises in risk management that banks have done in the Dodd-Frank era face their ultimate test. The only problem, writes Compliance Week editor Matt Kelly: Dodd-Frank ...
-
Blog
Is CEO Pay Over the Top?
Proxy season is now over, littered with the usual adjectives about CEO pay: “supersized,” “outsized,” “piggish,” “outrageous,” and “embarrassing.” This week, columnist Rick Steinberg sounds a cautionary note amid the complaints—that CEOs are still critical to an organization, and hiring the right one encompasses a blizzard of detail. The board ...
-
Article
Demystifying the Risks of Board-Level Risk Committees
Image: In the wake of the financial crisis, many large financial institutions created new, board-level risk committees to oversee their most critical risk issues. For other industries, the decision to create a risk committee isn’t so simple—and isn’t without some risk-taking itself. “You have to guard against the risk that ...
-
Article
Compliance Trends in 2015: More Authority, More IT Uncertainty
Good news for compliance officers in existential crisis: A majority of CCOs are now part of the senior management teams at their businesses, and they have more authority than ever before. Those are two among many findings of the 2015 Compliance Trends Report, the annual survey of compliance leaders conducted ...
-
Blog
What Really Serves Shareholders’ Best Interests
Proxy season is upon us, which means the annual call in many boardrooms to shake up the board of directors. Replacing directors does occasionally make sense, Compliance Week columnist Rick Steinberg says—but that’s not the same as surrendering to every activist’s demand for new people in the boardroom. Inside, Steinberg ...
-
Article
Q&A: How E*Trade Recovered From the Financial Crisis
Image: As part of our occasional series of conversations with compliance and risk executives, we caught up with Michael Pizzi, chief risk officer at E*Trade Financial. Prior to the financial crisis, E*Trade had made sizable investments in mortgage-related assets—toxic assets whose value ultimately plummeted, resulting in substantial writedowns for the ...
-
Article
Running in Place or Winning the New Race?
Image: Our GRC Illustrated series returns this week, looking at how compliance programs can keep pace with new ways of communicating within business and with the new employees who use them. That will mean addressing multiple audiences through multiple channels, and it will pose new challenges for policy management, training, ...
-
Article
Shop Talk: Managing Vendor Risk
Pop quiz: Try to name a recent example of corporate misconduct that did not somehow include a company’s vendors or third parties. It’s not easy, and third parties are now a huge part of the compliance officer’s responsibility. In our latest Compliance Week executive forum, we gathered a dozen CCOs ...
-
Blog
Two Common Misperceptions About Risk Management
The “Three Lines of Defense” theory to risk management is very much in vogue today, along with maturity models to understand how strong your risk management program is. This week, columnist Rick Steinberg takes both ideas to task. The three lines concept too often paints risk as something to be ...
-
Article
How to Impose a Travel Policy Without Strangling Anyone
Compliance officers can pick fights with employees over any number of workplace policies. But if you really want daggers drawn and subversive battles at every turn—impose a policy on business travel. Inside, we look at how to defuse that policy management time bomb, as well as the collateral legal damage ...
-
Article
Gap Analysis: C-Suite Struggling to Define Risks
Image: Despite consensus that risk is a big deal—something companies should manage aggressively—recent academic research suggests that boardroom leaders focus on vastly different risks than compliance, audit, and risk executives do. “I wonder if there is a lack of understanding of the views of risk across the management team,” says ...
-
Blog
Survey: Audit Execs’ Cyber-Fears Run Deep
Image: Nearly 7 in 10 internal audit leaders participating in the IIA’s annual “Pulse of Internal Audit” survey ranked cyber-attacks and other security issues as a major concern, but only about one-third said they have high confidence in their organizations’ ability to address such risks. IIA President Richard Chambers says ...
-
Article
When Enterprise Legal Management and GRC Collide
Software vendors offer a range of products known as “enterprise legal management” to help the legal department analyze spending, discern patterns, and manage costs. Given that many legal costs are the result of some governance or compliance risk, is there an opportunity to use enterprise legal data to improve your ...
-
Article
Practical Ideas on Managing Reputation Risk
Image: Reputation risk is the strategic business issue for many boards and senior executives today, and yet few know how to address it well. “Reputation is an ‘amplifier risk,’ because it attaches itself to other risks,” says Andrea Bonime-Blanc, head of consulting firm GEC Risk Advisory. She and others recommend ...
-
Blog
The Logic Behind COSO’s ERM Framework Update
Even as compliance officers are still digesting the updated COSO framework for internal controls, COSO has set its sights on what’s next: an update to its enterprise risk management framework, likely to arrive sometime in 2016 or so. Why ERM? Why now? Inside, Compliance Week columnist Rick Steinberg walks us ...
-
Article
What Critics Say on Three Lines of Defense
The Three Lines of Defense model for risk oversight—business units in the first line, compliance in the second, internal auditors in the third—has been hugely popular in recent years. Proponents love it, and regulators have come to expect it. Critics, however, say the Three Lines model is too simplistic a ...
-
Article
Paths to Globalizing Your Code of Conduct
Image: A thoughtful and well-drafted Code of Conduct is the cornerstone of any strong corporate compliance program. Making that cornerstone strong enough to support a compliance program worldwide, spanning all manner of cultures—that’s the tricky part. “We’re constantly trying to figure out better ways to deliver our message while keeping ...
- Previous Page
- Page1
- Page2
- Page3
- Page4
- Next Page