FS-ISAC

NOVEMBER 8, 2021

We chase concepts that seem simple, such as "basic" network hygiene, asset management, and patching. But these approaches rely on tenets based on traditional operational and financial risk management. While “close enough” works in asset management for financial inventory, it can quickly prove useless in cybersecurity.

Risk Management 59

Risk Management Management Audit Asset Management 59

LogisManager

MAY 20, 2021

Colonial Pipeline Hack: Failure in Risk Management. That’s why insurance premiums are increasing exponentially for those organizations that cannot provide evidence of an effective ERM program that has strong controls and a robust Incident Response program. Data Governance. Colonial Pipeline Hack: Introduction.

Risk Management 64

Risk Management Management Authentication Hospitality 64

Risk Management Monitor

DECEMBER 8, 2022

If your organization operates or could be sued in New York, there has been recent activity on the legal and regulatory risk landscape that risk professionals should be prepared for. What are the New York Disclosure Law’s requirements and how do they impact your insurance program?

Insurance 49

Insurance Insurance Alert Risk Management 49

LogisManager

OCTOBER 19, 2023

In what is seen as a significant shift, the Proposed Standards will move away from the reliance on state law in favor of establishing governance and oversight obligations for banks. Among the areas expected to see change within compliance management of these banks will include obligations, board composition, duties, and committee structure.

Banking 98

Banking Corporate Governance Audit Risk Management 98

Reciprocity

MARCH 28, 2022

Enterprise risk management is critical for business success. The fundamental components of ERM are evaluating significant risks and applying adequate responses. Additional important ERM components are risk philosophy or strategy, risk culture, and risk appetite. Two ERM Must-Haves.

Risk Management 52

Risk Management Management Mitigation All-Hazards 52

Reciprocity

AUGUST 18, 2022

Enterprise risk management (ERM) is critical for success in the modern business landscape. Your ERM program should encompass all aspects of risk management and response in all business processes, including cybersecurity, finance, human resources, risk management audit , privacy, compliance, and natural disasters.

Risk Management 52

Risk Management Management Mitigation Strategic 52

Reciprocity

OCTOBER 8, 2024

Risk management is arguably the most effective way to navigate uncertain circumstances. That said, not everyone can handle the time and resource commitments associated with traditional risk management processes. If this is you, building an automated risk management program may be the wiser course.

Risk Management 52

Risk Management Cybersecurity Management Alert 52

Reciprocity

OCTOBER 8, 2024

Risk management is arguably the most effective way to navigate uncertain circumstances. That said, not everyone can handle the time and resource commitments associated with traditional risk management processes. If this is you, building an automated risk management program may be the wiser course.

Risk Management 52

Risk Management Cybersecurity Management Alert 52

BMC

DECEMBER 5, 2024

These frameworks offer philosophies and tangible paths forward to improve cost and resource management, measure risk, speed up customer service, and innovate analysis through predictive methods. Short for Control Objectives for Information and Related Technologies, COBIT was first developed to guide IT governance and management.

Audit 52

Audit Government Technology Security 52

Reciprocity

MARCH 24, 2022

Vendor risk management (VRM), a part of vendor management, is the process of identifying, analyzing, monitoring, and mitigating the risks that third-party vendors might pose to your organization. Third-party risk management begins with due diligence before signing a contract, as with any risk management program.

Risk Management 52

Risk Management Management Audit Cybersecurity 52

Reciprocity

DECEMBER 27, 2022

Managing all your governance, risk, and compliance (GRC) needs is no easy task. GRC is an integrated approach to managing the organization’s governance, IT and security risks, and regulatory compliance functions. The three pillars of a GRC program are governance, risk management, and compliance.

Government 52

Government Audit Risk Management Disaster Recovery 52

Reciprocity

NOVEMBER 5, 2021

The modern corporate organization faces a host of risks that can affect operational efficiency and regulatory compliance. Simple awareness is not enough to stay ahead of these risks. You must find ways to manage, mitigate, accept, or transfer these risks. Here’s where enterprise risk management (ERM) comes in.

Risk Management 52

Risk Management Management Audit Strategic 52

BMC

DECEMBER 23, 2024

GRCGovernance, Risk, and Complianceis one of the most important elements any organization must put in place to achieve its strategic objectives and meet the needs of stakeholders. GRC as an acronym stands for governance , risk , and compliance , but the term GRC means much more than that. What is GRC?

Government 52

Government Audit Technology Outsourcing 52

MHA Consulting

MARCH 23, 2023

It has greater governance, risk assessment, business impact analysis, planning, testing, and maintenance requirements than any other standard. By adhering to the council’s guidelines, companies can implement best practices for risk management, cybersecurity, data protection, and business continuity planning.

BCM 95

BCM Impact Analysis Business Continuity Banking 95

Fusion Risk Management

NOVEMBER 3, 2022

In the case of misconduct related to risks of fraud, bribery, or corruption, the U.S. Department of Justice includes provisions in its Guidelines on Corporate Compliance to assess governance in place and determine whether management is responsible. million per violation, depending on the specific provision violated.

Resilience 96

Resilience Mitigation Cybersecurity Risk Management 96

Risk Management Monitor

NOVEMBER 11, 2021

In one of the afternoon’s sessions, “Identify and Solve Any Organizational DEI Issue In One Hour,” presenter Layne Kertamus, professional in residence of risk management and insurance at Utah Valley University, explored “new ways to talk about what needs to be said, and what needs to be listened to.”.

Risk Management 75

Risk Management Insurance Insurance Authentication 75

Risk Management Monitor

SEPTEMBER 14, 2023

Stuart Award from Valerie Fox (left) for lifetime achievement in risk management OTTAWA—The 2023 RIMS Canada Conference is officially underway here in Ottawa, Ontario, convening more than 1,400 Canadian risk professionals in the nation’s capital. Catherine Dowdall (right) receives the Donald M.

Risk Management 59

Risk Management Insurance Insurance Government 59

Solutions Review

DECEMBER 12, 2024

This heightened accountability is set to redefine service contracts and risk management strategies. Cyber Liability insurance will increasingly require a privacy audit. As the number of privacy breaches and privacy violations continues to rise, cyber insurers will demand more thorough privacy programs at underwriting.

Vulnerability 52

Vulnerability Cybersecurity Malware Audit 52

Fusion Risk Management

SEPTEMBER 12, 2022

Even if it is difficult to use that regulatory hammer to secure funding for budget to purchase technology, this should not stop a progressive organization from using effective risk management disciplines to run their programs and serve their customers. Ability to Procure Cyber Insurance. Supply Chain Ecosystem.

Resilience 52

Resilience Insurance Insurance Outsourcing 52

Zerto

MARCH 5, 2025

By functioning as a standardized blueprint, they outline the best practices to approach risk management and help businesses maintain resilience in the face of growing threats. HIPPA: The Health Insurance Portability and Accountability Act (HIPPA) enforces data protection regulations specifically for the healthcare industry.

Cyber Resilience 52

Cyber Resilience Security Disaster Recovery Resilience 52

Risk Management Monitor

MARCH 4, 2022

Attacks attributed to Russia have been launched against a range of targets in Ukraine, including new destructive malware campaigns , targeted information-gathering against a range of civilian and government targets, and attacks on critical infrastructure. and “How can we still work without any technology support?”. Check it out here: [link].

Management 56

Management Malware Cybersecurity Insurance 56

Reciprocity

APRIL 4, 2022

Although people often use the words “assess” and “analyze” interchangeably, the terms are not synonymous in risk management. A risk assessment forms the backbone of your overall risk management plan. What Is a Risk Assessment? ” What is the Risk Analysis Process?

All-Hazards 95

All-Hazards Mitigation Risk Management Hazard 95

Reciprocity

AUGUST 24, 2022

The various niches of risk management have become a veritable alphabet soup of acronyms. As a result, we now have: Enterprise risk management (ERM). Governance, risk management, and compliance (GRC). Integrated risk management (IRM). The advent of the digital age is partly to blame.

Risk Management 52

Risk Management Audit Insurance Insurance 52

Erwood Group

OCTOBER 27, 2020

The first and most obvious to many is that business continuity planning helps organizations obtain reduced premiums on insurance. In some cases, we have seen providers work closely with the client to further mitigate risk by providing additional assistance and suggestions. Let’s look at each of these and others in more detail.

Business Continuity 59

Business Continuity Continuity Planning Insurance Insurance 59

Reciprocity

SEPTEMBER 30, 2022

Third parties generate, manage, or hold this data, resulting in even more severe threats to healthcare organizations and their information security. This is why third-party risk management and healthcare data security are critical. What is Healthcare Vendor Risk Management? Notes on Vendor Access et. Access to PII.

Healthcare 52

Healthcare Management Vulnerability Risk Management 52

everbridge

DECEMBER 19, 2023

Advanced Analytics: Risk intelligence firms developed more sophisticated analytical tools, enabling better predictions of geopolitical events and their impact on businesses and governments. Lessons Learned: AI-Driven Disaster Response: Governments employed AI to improve their response to natural disasters.

Management 59

Management Travel Vulnerability Cybersecurity 59

everbridge

OCTOBER 7, 2024

Various definitions of resilience have also evolved–some of which have been defined by government entities and others that emerged from the industry. Businesses have been conducting risk management, at various levels of sophistication, for decades. But is it enough?

Resilience 52

Resilience Risk Management Authorization Continuity Planning 52

Solutions Review

DECEMBER 13, 2022

Data bias in machine learning models is one of the hottest topics in the AI industry for good reason; an AI model that rejects loan applications or increases insurance premiums for the wrong reasons will have a very deleterious effect. Data access governance platforms become pervasive. And there are other concerns.

Backup 98

Backup Application Government Security 98

Fusion Risk Management

JUNE 23, 2023

The idea behind having an effective third-party risk management (TPRM) program is not a newfound concept. More than 14 years ago, the Federal Deposit Insurance Corporation (FDIC) introduced the first true risk-based approach to understanding and managing third parties.

Risk Management 52

Risk Management Alert Resilience Communications 52

Reciprocity

OCTOBER 1, 2022

As organizations and businesses around the world and across industries migrate their IT to the cloud, C-suites are faced with a new dilemma for governance, risk management and compliance (GRC) solutions: cloud versus on-premise software. That’s time and money that might be better spent elsewhere.

Government 52

Government Internet Risk Management Audit 52

eBRP

JANUARY 14, 2025

To build an Adaptive, Resilient Enterprise , organizations must move beyond conventional Business Continuity Management (BCM) approaches. Traditional BCM is often limited to tactical response plans, perceived simply as insurance policies that rarely spark high-level executive engagement.

Resilience 52

Resilience BCM Response Plan Disaster Recovery 52

Pure Storage

MARCH 25, 2024

CISA is a part of the Department of Homeland Security and has responsibilities that include risk assessment, vulnerability reduction, threat detection, incident response, and the coordination of recovery efforts with other federal agencies, state and local government, and the private sector. Like nearly all efforts in the U.S.,

Financial Services 59

Financial Services Resilience Banking Risk Management 59

Reciprocity

AUGUST 15, 2022

Specifically, a compliance management system looks like a collection of policies, procedures, and processes governing all compliance efforts. Ideally, your CMS is an integrated system to govern that program, which should include employee training, focused business processes, operational reviews, and corrective action strategies.

Management 52

Management Audit Banking Media 52

Security Industry Association

SEPTEMBER 20, 2022

Last week the Department of Homeland Security (DHS) announced a joint effort between the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) to provide new cybersecurity grants authorized and funded under the Bipartisan Infrastructure Law. Details: Eligibility.

Cybersecurity 52

Cybersecurity Telecommunications Authentication Government 52

Solutions Review

JANUARY 25, 2023

The risk of still running those systems, and the need for business change will push many of these systems over the edge resulting in significant demand for rebuilding new ones. New systems will be a collection of smaller applications working harmoniously for better risk management and future outlook.

Backup 116

Backup Government Application Security 116

Reciprocity

APRIL 4, 2022

Hence cybersecurity risk management is crucial to prevent and mitigate cyber threats. To combat those threats, businesses need to develop digital risk management. We can define that as the processes used to assess, monitor, and treat the risks that arise from the digital business processes that are so common today.

Mitigation 52

Mitigation Malware Cybersecurity Media 52

BMC

DECEMBER 5, 2024

These frameworks offer philosophies and tangible paths forward to improve cost and resource management, measure risk, speed up customer service, and innovate analysis through predictive methods. Short for Control Objectives for Information and Related Technologies, COBIT was first developed to guide IT governance and management.

Audit 52

Audit Government Technology Security 52