Security, resilience require better questions
The article offers suggestions for the board on increasing corporate cybersecurity efforts. Topics discussed include the ineffectiveness of artificial intelligence in preventing cybercrime and data security failures; making data privacy compliance sustainable; and verifying identities and providing access to resources through authentication.
How to build a cyber-capable board
The article offers several tips for businesses to create a board of directors that can help manage cybersecurity risks. These tips include consulting both the board and chief information security officers on cybersecurity issues, demanding clarity in security reporting, and focusing on the human aspects of cyber risk.
Good times and bad: The trauma of the financial crisis needs to be remembered even as new threats become a growing concern.
The article focuses on risk management by the financial services industry in the United States. The industry faces various challenges, including non-financial risks such as cybersecurity, model and third-party risks, as well as economic risks. Many companies now have a risk committee of the board with primary responsibility for risk oversight.
Get the most from the risk appetite dialogue
The article offers information on the role of boards of directors in risk management. Topics discussed include the importance of a risk appetite statement in tackling business risks; how a risk appetite statement can be useful for communicating with the board, encouraging personnel to take risks in executing the strategy and maintaining strategic focus; and the role of the risk appetite statement in maintaining the strategic planning of the business.
An animal kingdom of disruptive risks: how boards can oversee black swans, gray rhinos, and white elephants
The article discusses the difficulties that corporate directors face when making risk-taking decisions related to disruptive risks. Risks are grouped into 3 classes (black swans, gray rhinos and white elephants), and recommendations for consideration are given.
To stay competitive leave no stone
The article discusses the benefits of integrating strategy and enterprise risk management to help organizations remain competitive in the face of constant change. Boards will be able to identify risks and their potential impacts in the context of the firm's strategic plan. Factors to be considered by boards include the state of their integration of ERM and strategy, ways of mitigating the identified risks and the level of collaboration between the chief risk officer and strategy leaders.
Are COSO frameworks enough
The article reports that, as technology takes on an increasingly larger role in operations, business-focused frameworks might not be enough. It notes that the COSO framework defines internal control as a process, effected by an entity's board of directors and management, designed to provide results based on the effectiveness and efficiency of operations. The article also discusses the good-practice framework COBIT and corporate governance of information technology.
Reputation management and the board
The article highlights ways of managing corporate reputation, including positive outreach, regular assessment, and strong management. Topics discussed include issues relating to the loss of public trust; the role of senior management in avoiding corporate disasters; and business issues such as quality and product safety, with reputational concerns increasingly addressing moral or ethical concerns.
The chief risk officer: it's not just about managing risk costs anymore
Paul Ingram, Chief Risk Officer (CRO) at Credit Suisse International, gives his views on the remit of his role.
What CISOs wish they could tell their boards
The article offers information on the efforts of chief information security officers (CISOs) to manage cyber security risk. Topics discussed include the need for security spending budgets; the risk-based approach to cyber security as part of enterprise risk management; information technology risks and strategy; and communication between the board risk committee and the CISO.