Sustainability Risk Is Supply-Chain Risk

climate

Last week we reported on a study that captured the challenges of third-party risk management these days. Today we can take a deep dive into one specific slice of that challenge courtesy of Microsoft, and its quest to reduce carbon emissions in its supply chain. The news is as follows. Last week Microsoft released its…

Read More

ComEd’s Annual Compliance Update

ComEd

We have an update this week on the ethics and compliance transformation happening at Commonwealth Edison, the Chicago-based utility that suffered a huge corruption scandal in 2020 and pledged to release a series of progress reports on its journey back into good corporate graces.  ComEd released its 2023 report on Wednesday, and it’s a fascinating…

Read More

Help on Supply Chain Cyber Risks

supply chain

I hadn’t noticed this until now, but we have fresh help for audit and risk managers worried about cybersecurity risks in the supply chain: CISA, the top cybersecurity regulator in the United States, has published a short guide on how small and medium-sized businesses can navigate that challenge. CISA released the guide last week —…

Read More

Russia’s Effect on Supply Chains, Compliance Risk

supply chain

The Ethics & Compliance Initiative hosted its annual conference this week, including a panel discussion about Russia’s war against Ukraine and its long-term implications for corporate ethics and compliance. The speakers spooled out a bundle of useful observations, so let’s take a few minutes to recap those points and ponder them a bit more.  The…

Read More

ESG and Supply Chain Transparency

ESG

A report released this week demonstrates the challenges ahead as large companies try to stand up ESG programs that include their often vast supply chains, since many small suppliers are still struggling to stand up their own ESG efforts that you larger players can rely upon. The report comes from ISN, which acts as a…

Read More

Another Look at Cybersecurity Shortcomings

cybersecurity

The other week the Biden Administration issued an executive order to improve cybersecurity across the federal government. Now we have a peek at just how bad numerous government agencies are at the task — and what steps they’re likely to take to improve the situation, which could affect government contractors providing IT services. Said peek…

Read More

Lessons Ever Given on Risk, Control 

For several days now I’ve wanted to discuss risk management and compliance lessons we could learn from that cargo container ship trapped in the Suez Canal, but I was stuck on exactly what to say about it.  My thoughts finally dislodged (that’s the last pun, I promise) after reading a superb analysis in the Financial…

Read More

Climate Change Risk and Supply Chains

climate

Let’s say you are a large manufacturing, retail, or industrial concern; and you want to assure that your supply chain won’t be disrupted by climate change. How would you actually assess and quantify that risk?  That’s not a hypothetical question for large businesses. As global warming continues, extreme weather events become more frequent and more…

Read More

Supply Chain Risk: We’re Looking at It Wrong

supply chain

I was reading the New York Times this weekend when an article jumped out at me: yet another example of misconduct in a large company’s supply chain suddenly bursting into public view, bringing grief to a company that clearly hadn’t known trouble was afoot. Ethics and compliance officers should take note. When we dissect exactly…

Read More

More on Compliance, Audit, and Supply Chain Fraud

Deloitte today published some fresh research confirming what many compliance officers probably already suspect: supply chain fraud continues to be a serious problem for many companies, and one that most organizations aren’t terribly adept at fighting. The fundamental problem is how to fit modern anti-fraud procedures into global corporations’ convoluted payment approval process. We have…

Read More