
Increased Credit Card Security Means Increased Compliance Risks and Liabilities for Businesses

Here at LogicManager, we’ve spent a lot of time considering issues related to cybersecurity. To find a new way in which a cybercriminal has exploited electronic vulnerabilities, all you need to do is skim today’s newspaper, which will almost inevitably report a data breach or fraud-related scandal. An evolving set of threats means incident likelihood…


Cyber-Threat Management Requires a Risk-Based Approach

The concept of cyberattacks, while still disturbing, is no longer as new and unfamiliar as it was five years ago. However, we are still seeing money invested in inefficient and ineffective risk mitigation responses. All the major corporations that have suffered breaches had sophisticated control solutions in place. Even so, their risk exposure was significant…


Ignorance Is No Longer an Excuse for Poor Board Oversight

Gerry Grimstone, keynote speaker at the IIA’s recent conference in London, has a message for senior executives. “You can’t easily blame a board member for not knowing something,” Grimstone said. “But you can blame a board member for creating a culture where he doesn’t know something.” Grimstone spoke at length about the latest example of…

Healthcare Industry

A Risk-Based Approach to Patient Safety and Incident Management

The Food and Drug Administration recently investigated manufacturers of endoscopes, a device most doctors call “a key tool in detecting and treating medical problems,” according to The Washington Post. Such instruments, while vital to modern medicine, are also responsible for infecting hundreds of patients with a vicious bacteria called Enterobacteriaceae, more commonly known as CRE. So…


How Enterprise Risk Management Prevents Surprises

Governance programs are the unsung heroes of 21st-century business operations. Their situation is analogous to that of football’s offensive line. If an offensive line does its job, no one will notice it, but when something goes wrong, the spotlight shifts. Governance personnel know this feeling all too well. Unwanted surprises – be they compliance notices,…


Risk-Based Cybersecurity Prevents Cyber Attacks and Data Breaches

There are many prominent cybersecurity companies, including FireEye and Symantec. These companies “focus on blocking or detecting intrusions as they occur or responding to attacks after the fact,” according to The New York Times. Sometimes, this approach yields fruit, but inherently, it cannot “gain the upper hand” over threats; no matter how quickly security responds to…


4 Ways to Prevent Business Surprises with Risk Identification

Nobody likes surprises in business. Using a risk-based approach to identify your organization’s likely vulnerabilities is highly recommended and vital to short-term and long-term success. Expanding regulations make compliance increasingly complex and expensive, and increases in deficient internal audit controls have heightened scrutiny of companies by the SEC, PCAOB, and investors. Business surprises are preventable,…


Increased Controls without Risk Assessments Negatively Impacts Revenue

While data breaches have dominated the news cycle, The Wall Street Journal’s “Risk and Compliance Journal” reports that fraud is actually much more common, even if it generates fewer headlines. In the fiscal year ending March 31st, 2015, instances of retail fraud averaged a 94% increase from the prior year when calculated by average loss…