I have a problem with organizations placing separate attention to reputation risk and its management... Continue Reading
It is easy to say that risk management should be embedded into business processes such as strategic ... Continue Reading
The Ponemon Institute, which I have previously referred to in my posts as the publisher of reports o... Continue Reading
Practitioner & Thought Leader, Internal Audit / Risk Management / GRC
February 17, 2017
A risk register makes you feel good. It makes you feel you have accomplished something, a list of ri... Continue Reading
We should address risk because of its potential effect on the achievement of enterprise objectives. Continue Reading
Risk needs to be expressed in terms of the potential for a breach to affect the achievement of the ... Continue Reading
The management of risk, whether you call it enterprise risk management, strategic risk management, o... Continue Reading
People violate their organization’s code of ethics for all kinds of reasons. While there are some ... Continue Reading
GRC is defined by OCEG, repeated in the section above, as “a harmonized set of capabilities that e... Continue Reading
