Posts Tagged ‘risk management’

Boards Freaking Over Digital Risks

Protiviti has released its annual report on enterprise risks worrying the corporate boardroom, and across all 10 risks likely to occupy your time in 2019, one theme shines through — unease about corporations moving into a digital world. The report surveyed more than 800 senior executives and board directors around the world, across a host…

Read More

Dispatches From Thomson Risk Summit

Thomson

Thomson Reuters held its latest Risk Summit today in New York, and while I didn’t attend in person this year, those who were there did a superb job talking about the event all day on Twitter. So without further day, here are a few of the more interesting and good points raised. (Yes, really. Sometimes…

Read More

Another Strategic Advantage Compliance Brings

Not long ago, a study landed on my desk from North Carolina State University and Protiviti, listing the biggest risks on the minds of boards and senior executives as we enter 2018. Most of the risks weren’t surprising: speed of business disruption, volatility in financial markets, vulnerability to cybersecurity attacks. One risk, however, stood out…

Read More

Compliance Lessons: Credit Suisse vs. Wells Fargo

One big lesson for compliance and audit executives this year will be the risks that swirl around compensation and incentives. Wells Fargo will be Exhibit A in that discussion, and rightly so. Still, the more I look at the SEC’s enforcement action against Credit Suisse last week, where it fined the bank $90 million for…

Read More

Do We Have a Problem With Compliance Risk Assessments?

This week I dove into PwC’s annual State of Compliance Report, reading the report itself and eavesdropping on a webcast with the PwC compliance gurus who wrote it. The study has plenty of data worth reading, and one conclusion from that data jumped out at me immediately. We have some disconcerting patterns emerging in how…

Read More

More Risks With Decentralized Business: IT Projects, Culture

Last week we had a post about managing third-party risks at decentralized organizations. Today I want to revisit that subject and look at two specific issues that arise from a business structure like that—IT projects, and fostering a strong culture. Let’s begin by repeating the theme of last week’s article: decentralized organizations challenge the notion…

Read More

Third-Party Risks in Decentralized Organizations

Not long ago I came across a study of third-party risk management that Deloitte published earlier this summer. I wish I had found it sooner, because it’s crammed with useful insights. So let’s get into it. The report’s big reveal is right in its title, Third-Party Governance & Risk Management: Addressing Challenges of Decentralization. Deloitte…

Read More

Govt Agencies Embark on ERM Adventure

An experiment is about to begin in the government sector: federal agencies are going to try embedding enterprise risk management into their operations. risk and internal control professionals in the private sector might want to watch this effort and see how it goes. Final word on the ERM initiative came down last week, when the…

Read More

More Clues on Draft ERM Framework

erm framework

COSO Chairman Robert Hirth visited Boston yesterday, speaking to the CAE Leadership Forum about COSO’s proposed new framework for enterprise risk management. I was lucky enough to attend and Hirth raises some excellent points about how COSO wants to help companies implement ERM, so let me recap the highlights here. First, we mentioned in this…

Read More

Draft ERM Framework Is Here! How to Get Started

erm framework

Sharpen your pencils, all enthusiasts of enterprise risk management: COSO has unveiled its new draft framework for ERM and is calling for public comment. The exposure draft is available on the COSO website, and the comment period runs from now until Sept. 30. This is COSO’s first update to the ERM framework, which it originally…

Read More