Two Common Misperceptions About Risk Management
The “Three Lines of Defense” theory to risk management is very much in vogue today, along with maturity models to understand how strong your risk management program is. This week, columnist Rick Steinberg takes both ideas to task. The three lines concept too often paints risk as something to be ...
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleHow compliance officers can apply COSO’s ERM Framework in practice
Representatives from the Committee of Sponsoring Organizations of the Treadway Commission and its partners explain how to implement the organization’s latest guidance on identifying, monitoring, and mitigating compliance risks.
-
ArticleCOSO report: Elevating compliance leads to more informed decision-making
Many compliance departments are not independent, but instead report to other departments. COSO recommends compliance be separated out into its own division, led by a chief compliance officer with an executive-level position.
-
ArticleNIST guidance tackles how to integrate cyber-security with ERM
New guidance from NIST aims to demystify a process with which many companies across all industries have long struggled: how to seamlessly integrate cyber-security risk into an overall enterprise risk management program.