operational risk management

Risk Identification and Monitoring Ensure Hospitals, Labs, and Retailers Remain in Compliance with EPA Standards

In light of recent events, the Environmental Protection Agency is using new monitoring techniques to evaluate the quality of companies’ classifications and reporting of hazardous materials. Ironically, as we all learned recently, even the EPA itself isn’t immune to catastrophic, if preventable, mistakes. New compliance regulations increase the importance of standardized risk identification, mitigation, and…

COSO ERM framework update

Increased Credit Card Security Means Increased Compliance Risks and Liabilities for Businesses

Here at LogicManager, we’ve spent a lot of time considering issues related to cybersecurity. To find a new way in which a cybercriminal has exploited electronic vulnerabilities, all you need to do is skim today’s newspaper, which will almost inevitably report a data breach or fraud-related scandal. An evolving set of threats means incident likelihood…

board accountability

Volkswagen Side-Steps Enterprise Risk Management

Volkswagen has been side-stepping environmental compliance standards by “programming some diesel-fueled cars to turn on emission controls only when being tested.” In the days since this discovery, Volkswagen has been hit with over 30 federal lawsuits and a 40%+ decline in stock value, all stemming from the same source—poor Enterprise Risk Management. In this case, poor…

vendor management

Increased Accountability for Risk Management results in 28-Year Prison Sentence

CNN’s latest news headline reads, “28 years for salmonella: Peanut exec gets groundbreaking sentence.” This story relates to the Peanut Butter Corporation of America’s (PCA’s) bankruptcy, and the largest food recall in the United States due to salmonella. Known as one of the deadliest salmonella outbreaks, the PCA’s case is linked to nine deaths on top…

regulatory organizations targeting cybersecurity risk management

OCC Targets Cybersecurity and AML Deficiencies – ERM is the Answer

The OCC released its “Semiannual Risk Perspective” and, perhaps as anticipated, banks continue to struggle to plug gaps in information technology practices. Among the risks highlighted in the study, as reported by Joe Mont at Compliance Week: Evolving cyber-threats and information technology vulnerabilities require heightened awareness and appropriate controls. The high volumes and frequency of changes…

ISO 19600: A Risk-Based Approach to Compliance Management

LogicManager has long believed that an Enterprise Risk Management methodology, also known as a risk-based approach, is the best way of accomplishing any type of organizational governance. With risk as the common factor, governance activities become standardized and comparable, enabling better decision making. As it turns out, the International Organization for Standardization, or ISO, agrees.…

Healthcare Industry

PCI DSS in Healthcare: HIPAA Compliance Isn’t Enough to Protect Patients

The healthcare industry has grappled with HIPAA for nearly 20 years. The ever-changing, extensive piece of legislation mandates the protection and security of patients’ private health information, and HIPAA compliance is a costly and time-consuming process for healthcare organizations. With the amount of focus and effort directed towards HIPAA compliance, risk and compliance professionals…