Risk Management

Attention all compliance officers at large technology companies – have you checked your mail lately? Because you might find a letter from the Securities and Exchange Commission with FCPA risk written all over it.

This blog explores why a balanced strategy that proactively addresses both immediate and slow burn risks is the key to robust cybersecurity.

In part one of this cybersecurity blog series, we’ll uncover the staggering costs of failure, expose the limits of technology and reveal why your employees hold the key to safeguarding your business against cybercrime.

Corporations have struggled to manage cybersecurity risk for years, and now they have a new tool to help them bring order to chaos: a new and improved cybersecurity risk management framework, released at the end of February by the National Institute of Standards and Technology.

2024 is shaping up to be a very active year for regulatory and enforcement developments in the healthcare industry. This post, the second in a three-part series, will cover the increased cybersecurity expectations for the healthcare industry.

Risk assessments are one of the most important tasks a compliance officer performs – and also one of the most confounding. How do you keep assessing your organization’s risks in a disciplined, methodical manner, when the range and nature of those risks changes so often?

In part one of this two part series, we discussed the various forms of internal risk and best practices for risk management and mitigation. In part two, we explore the profound impact of a true speak-up culture.

Artificial Intelligence is a new risk domain for organizations, but it also creates a prime opportunity for the CCO to lead the way in creating a GRC framework that proactively addresses risk and realizes the benefits of properly implemented and governed AI.

This NAVEX blog discusses the various forms of internal risk and best practices to manage and mitigate risk in your organization.