Blog Posts Tagged with "Enterprise Risk Management"

How Do You Change an Unhealthy Compliance Culture?

August 29, 2012 Added by:Thomas Fox

The best way to effect culture “is to combine strong leadership with the existing internal elements of a healthy corporate culture... while it may take as long to create a good culture as it does to establish a good reputation, a strong set of values is usually harder to destroy unless the company is itself dismantled...”

Comments  (0)

Why Data Security and Enterprise Risk Management are Important

August 28, 2012 Added by:Christopher Rodgers

Management sometimes assumes that when they have identified and summarized the top risks to their organization through a Strategic Risk Assessment, they have implemented ERM. This is simply not the case. Strategic Risk Assessment is an important component of ERM and usually a starting point, but not a final destination...

Comments  (0)

Assessing Risk Management Culture to Better Understand the Characteristics of ERM Programs

August 27, 2012 Added by:Michele Westergaard

The past 24 months have seen a number of disasters bring risk management to the forefront of executives and board directors. Whether natural disasters such as the Japanese Tsunami or man-made such as the Gulf of Mexico oil spill, fat-tail disasters have created a renewed interest in enterprise risk management...

Comments  (1)

How Do You Change to a Culture of Compliance?

August 23, 2012 Added by:Thomas Fox

Unlike the insurance industry, which helps companies manage risks through financial instruments, risk management attempts to avoid or at least control risk. The next time you hear the mindless prattle of “but we’ve always done it that way”, get some ideas on how to change your company’s compliance culture...

Comments  (0)

The Role of the CIO: What’s Really at Stake

August 08, 2012 Added by:Robert Siciliano

The CIO has become as important as the CEO. It’s a pivotal position that often can make or break the success of a corporation. As criminal hackers have launched campaigns against numerous organizations, the CIO has become much more than an information officer. They are the guardian of corporate secrets...

Comments  (0)

The Unbearable Riskiness of Being Social...

August 06, 2012 Added by:Neira Jones

With social networks transforming the rules of business engagement, many businesses think the biggest risk of social media is the brand and reputational damage that could result from negative interactions or the potential disclosure of proprietary or sensitive information...

Comments  (2)

IT Risk Management: Roadmap for a Roadmap

July 03, 2012 Added by:Jared Pfost

Most IT organizations aren't equipped or supported to build a mature program. If our objective is to deliver an evidence driven investment road map aligned with the business, it's OK to plan a phased approach and demonstrate value while the culture, process, and necessary resources gain momentum...

Comments  (0)

The Patchwork Cloud: To Rent or Buy Your Cloud?

June 27, 2012 Added by:Rafal Los

One cloud does not fit all. Your cloud should be customized to fit your business. I believe that if you're going to have a cloud strategy you need to have a pragmatic approach which has you doing your due diligence, proper risk analysis, and understanding your cloud vendor...

Comments  (0)

The Resilient Enterprise: Learning to Fail Part 2

June 25, 2012 Added by:Rafal Los

Failing with the support of a DevOps tribe can lead to a more resilient enterprise and ultimately better enterprise security. In the following few sections we're going to take a look at combining tools, processes and the tribe mentality to solve some otherwise ugly problems - and come out the other side...

Comments  (0)

Fashionable But Vulnerable: Mobile Devices in the Workplace

June 12, 2012 Added by:Simon Heron

Mobile devices are contributing to improved efficiency and are undoubtedly popular with employees, but they are also inherently vulnerable. To minimise the risks, organisations must develop specific mobile device management policies – and then enforce them...

Comments  (0)

How the DOJ Looks at Compliance Programs Part 2

May 31, 2012 Added by:Thomas Fox

The ABA Primer notes that an effective compliance program consists of documentation that an organization “exercise[s] due diligence to prevent and detect criminal conduct; and otherwise promote[s] an organizational culture that encourages ethical conduct and a commitment to compliance with the law”...

Comments  (0)

Resilience is the New Secure: Evolution of Business-Relevant Thinking

May 30, 2012 Added by:Rafal Los

Resiliency speaks to core business needs much better than security ever could. Resiliency speaks to availability, incident response, business continuity and disaster recovery and security all rolled into one. Resiliency is a measure of preparedness against failure - a component of which is security...

Comments  (2)

What Is Business or Corporate Identity Theft?

May 30, 2012 Added by:Robert Siciliano

Victims of business identity theft often do not find out about the crime until significant losses accumulate, or someone discovers discrepancies on the books. Because of the hidden nature of the transactions, businesses can lose vast amounts of money. Business identity theft can remain undetected for years...

Comments  (0)

Positioning the Security Team Using Influence Part 2

April 22, 2012 Added by:Steven Fox, CISSP, QSA

Security engineers, analysts, and auditors are apt to use security policies or industry best practices as the foundation of their guidance rather than addressing business needs. While valid in their substance, these appeals to authority are perceived negatively...

Comments  (0)

Eating the Security Dog Food

March 23, 2012 Added by:Wendy Nather

It's harder to be accused of nefarious activities if you are completely above-board, show you're willing to be subject to appropriate limits, and make a point of relinquishing any powers you might have. Call it CYA, call it leading by example, whatever. It's ethically important...

Comments  (0)

A Seat at the Table: Compliance in the Contract Tender Process

March 21, 2012 Added by:Thomas Fox

A mature compliance program can be a great benefit for a company, not only in evaluating risk from the compliance perspective but also preparing the necessary steps so that if a contract is awarded, it can be executed in an efficient manner. But it must have a seat at the table...

Comments  (0)
