The modern business environment is constantly subject to change, and risk leaders need to bet on the inevitability of the unknown. Situational awareness and anticipation can mean the difference between risk being a tool or a nightmare. In the words of Theodore Roosevelt, “Risk is like fire: If controlled it will help you; if uncontrolled it will rise up and destroy you.” ERM for Executives: Understanding the Interconnectedness of Risk Risk is more than…
Cyberattacks against private networks have been increasing and can have a severe impact on credit union supply chains. The National Credit Union Administration (NCUA) board recently received a cybersecurity briefing during its monthly meeting, where the Chairman’s Special Advisor for Cybersecurity, Johnny E. Davis Jr., stated that cyberattacks tied to the pandemic continue to be a significant risk for credit unions across the nation. The agency now has the opportunity to revamp examination criteria…
During the first quarter of 2021, the Securities and Exchange Commission (SEC) has moved toward updating the requirements and enforcement for environmental, social, and governance (ESG) disclosures for public companies. This push is intended to provide investors with more information about corporations’ compliance accuracy when dealing with ESG disclosures. Climate-related issues have become a significant consideration for investors, and the SEC is working on improving existing guidance for organizations to follow when filing ESG…
Recently we have witnessed the Colonial Pipeline cyberattack, a significant Microsoft Exchange Server hack, and the infamous SolarWinds breach severely impact U.S. companies and the country more broadly. Each of these attacks has been a highly sophisticated breach of the United States’ cyberinfrastructure. Each has also served as a serious and sobering reminder of the digital age and dangerous world we live in. Over the years, there has been a consistent stream of headlines on…
Your organization is always changing, and with it, your methods for governance, risk, and compliance (GRC) management need to grow and mature. Inefficient GRC strategies can result in costly and time-consuming management practices. Previously, it was common to manage disciplines that fall under the GRC umbrella—such as business continuity, regulatory compliance, and vendor risk—separately, but GRC technology has given businesses the means to address interconnected risks and streamline their efforts into an effective program.…