Manage Tomorrow's Surprises Today™ ERM Blog

risk identification 0

Experts: Cyber Risk Management Requires Enterprise-Wide Governance

Online media outlet TechTarget recently visited the 2014 Advanced Cyber Security Center (ACSC) conference right in our hometown of Boston, MA. Their findings? A successful cybersecurity risk management framework must be built around “Coordination. Cooperation. Collaboration.” “You are not going to eliminate the risk of attacks, you are going to manage the risk,” said Michael Chertoff,...

Businessman inside the house looking at city 0

Independent Research Proves 25% Market Value Premium of Mature ERM Programs

[Editor’s Note: The field of enterprise risk management is growing rapidly. Our new series, brought to you by the LogicManager Analyst Team, will keep you up to date on the latest news and developments in ERM.] Many business cases for enterprise risk management programs begin with what senior management can expect in terms of return on...

taxonomy21 3

How Risk Management Technology Projects Succeed

CMS Wire’s Norman Marks recent article, “Why Risk Management Technology Projects Fail,” captures a common but limited viewpoint of Risk Management that limits its ability to succeed in any environment, whether supported by software, spreadsheets, or pen & paper. “To be successful, a risk program has to be designed to enable managers to make intelligent, risk-informed...

risk management progress 0

Why Did Home Depot Need More Risk Assessments?

How can the 33rd largest company in America compromise the personal data of 56 million customers? And how can a company that spent $1 billion dollars to “digitize” itself take nine months to identify a breach? Most importantly, how can a company once cited for leadership and success in risk management fail to…well, manage risk? Cyber-crime...

uncover your risks 0

#ERMvsGRC – Home Depot in Focus

Home Depot hacked. http://t.co/qZROzHKWr2. This #risk preventable with #ERMSoftware. So why are ERM Programs failing? http://t.co/gcbLO6wCjz — Steven Minsky (@SteveMinsky) September 2, 2014 The goal of an ERM program is to put your organization in the best position to manage uncertainty, and to provide transparency into areas of vulnerability so businesses can make better decisions. Risk...

reputational risk 0

Smart Companies Integrating ERM with SOX

In Malcolm Gladwell’s “Blink,” he examines a hospital whose team had learned that to diagnose heart attacks, it’s more beneficial to gather a few key indicators than to try and take every measure into account. I’ve found that to judge the health of ERM programs, there are also a subset of characteristics that seem to immediately...

ORSA Compliance 0

ORSA Compliance: An Opportunity, Not An Obligation

Starting January 1, 2015, insurers across the United States are subject to a National Association of Insurance Commissioners (NAIC) model law requiring them to annually submit an Own Risk and Solvency Assessment (ORSA). ORSA is a self-assessment of sorts, requiring large and medium-size insurance groups* to report on their current and future risk management process. ORSA...

Risk Management Trends 0

WSJ: Executives Report Inadequate Risk Management

Despite reports that more than 65% of organizations have adopted Enterprise Risk Management, executives remain unimpressed and skeptical of the value their ERM programs are providing versus what is needed. A new report by APQC finds that fewer than 1 in 5 executives say their companies are effectively managing emerging risk, and the report’s authors worry...

risk identification 0

Password Theft Crisis: A Wake-up Call for ERM

A Russian crime ring has committed the largest data breach ever. According to a report in The New York Times, the ring allegedly stole 1.2 billion username and password combinations, and more than 500 million email addresses from some 420,000 websites. From an enterprise risk management perspective, this is not the full story. It is a fact...

demo 3

ERM Software vs. SharePoint

Once SharePoint has taken root in a company, there’s a tendency to try to use it for everything. The mega-popular platform can accomplish many use cases, from social networking to document management. It’s no wonder then that Risk Managers have been asked to build their programs on SharePoint – and live and die with the consequences....