GRC

Don’t Settle for Less than 5 Stars

Booking a vacation to the Caribbean? You would want to stay at a 5-star resort, right? Planning a celebratory dinner? A 5-star restaurant would be a great choice. So when it comes to aligning your business with a partner that can best suit your needs, why settle for anything less? CRN, part of The Channel…

Enabling the Advantaged Enterprise

I was in my 36th floor hotel room in Las Vegas one afternoon last week, after a day of presentations at EMC World, when I was startled by something banging the side of the building above my window. A man in a rope sling winched slowly into sight, swaying from side to side, twirling slightly.…

Third and Fourth Party Risk Management: Access-as-a-Risk

By now, we all know that vendor engagement is key to business sustainability. Organizations cannot focus on their core business without outsourcing non-critical functions to third parties. From a 20,000 foot view, third party management becomes an operational activity governed through contracts, engagement analyses and effective risk management. Where organizations fall short is in implementing…

Risk Appetite Limbo

The Financial Stability Board (FSB), an international body that monitors and makes recommendations about the global financial system, published “Principles for An Effective Risk Appetite Framework” in November 2013.  Regulations were finalized around these principles by some regulators including the Comptroller of the Currency in 2014.  Although the genesis is FI-related, there are a lot…

Risk Intelligence Reveals Opportunity for Competitive Advantage

Risk intelligence measures an organization’s understanding and implementation of risk management strategies, which are essential to gaining a competitive advantage in any industry. However, after indexing nearly 400 organizations, RSA concluded that less than 10 percent of companies have a risk management strategy that is mature enough to be considered “advantaged.” This signifies that 90…

How to Manage Third-Party Risk Before, During, and After Signing a Service-Level Agreement

One of the great things about events such as the Next-Generation Security Summit is the opportunity to network and share information with security leaders from multiple industries. In recent sessions, third-party risk has been a particularly hot topic. In the banking industry, this discussion is being driven in large part by the US Office of…