Reading Roundup: Fresh Ideas in Risk Management
If risk is on your radar, take a look through the articles and insights below. They might just challenge your thinking…in a good way.
By Christophe Veltsos (IBM SecurityIntelligence)
Excerpt: “ISO 31000:2018 focuses on the cyclical nature of risk management, helping security leaders understand and control the impact of risks, especially cyber risks, on business objectives. The various elements of the guidelines — from the principles to the framework and process — converge to improve and strengthen the organization’s ability to evaluate, communicate and consider risks in business decisions, and to select controls to help mitigate or transfer risks to fit within organizational tolerances.”
By Jim DeLoach (Corporate Compliance Insights)
Excerpt: “As no brand is immune to a crisis, it is evident today that crisis management is an integral component of effective reputation management. A rapid and effective response to a sudden and unexpected event can actually enhance reputation, as astute observers know that even the most respected organizations can and will be tested over time. In the corporate world, however, the unprepared pay a high price.”
By Stuart R. Levine (Forbes)
Excerpt: “If organizations don’t embrace disruptive technologies, they could be put out of business. If you embrace too early, you might be at risk and waste resources. These are conversations way beyond the IT department. How are these business risks controlled? Experts can frame the discussion around business, finance, technology, risks and threats. These can help to establish key metrics to think about every 6 months and recalibrate for new environmental factors.”
By Joe Mont (Compliance Week)
Excerpt: “According to the National Association of Corporate Director’s Public Governance Survey, only 35 percent of directors say they have a good understanding of the mood in the middle, and just 18 percent of them indicate they have a good grasp of the health of the culture at lower levels of the organization. That disconnect, and lack of empathy with a company’s many contingencies, is troubling.”
By Sarah Nord (Onspring)
Excerpt: “Identifying and managing risk within your own organization is challenging enough. When you add a diverse array of third-party relationships, the picture becomes exponentially more complex. Vendor risk management (VRM) professionals have the challenging task of uncovering and analyzing risk to prevent another company’s issues from becoming their own.”