Cybersecurity Framework: Where Do We Go From Here?
Protiviti just published a Flash Report on the National Institute of Standards and Technology’s (NIST) final version of its Framework for Improving Critical Infrastructure Cybersecurity. I highly recommend that anyone involved in cybersecurity in their organization become familiar with the NIST Framework by reading our report. This framework could end up being the new game […]
Ethics in Corporate Governance: “Walking the Talk”
If it’s true you can’t legislate morality – and all evidence, including but certainly not limited to corporate malfeasance such as the Enron and Worldcom scandals or the questionable corporate behavior of reckless risk-taking to maximize short-term profits and compensation (under “heads I win, tails you lose” compensation structures that left shareholders with the short […]
PreView-ing Today’s Emerging Risks
We want to share a heads up with you regarding a new Protiviti newsletter that we’re very excited about. We’ve just published the first edition of PreView, which will be a quarterly review of emerging risks likely to have a strategic impact on organizations over the long term. Our focus in issuing PreView is on […]
More on the Five Lines of Defense
In January, I commented on this page regarding how an effectively designed and implemented lines-of-defense framework can provide strong safeguards against breakdowns in risk management and compliance management. The traditional lines-of-defense model has emphasized three lines of defense – (1) business unit management and process owners, (2) independent risk management and compliance functions, and (3) […]
Executive Perspectives on Top Risks for 2014
One of the first questions an organization seeks to answer in risk management is, “What are our most critical risks?” To provide perspectives about the nature of potential risks in 2014, I am pleased to report that Protiviti and North Carolina State University’s ERM Initiative have partnered for the second consecutive year to poll more […]
