Cyber Security Risk Management: How can organizations address advanced persistent cyber threats?

Organizations are considering enhanced cyber risk management standards to increase their operational resilience and reduce the potential impact on the financial system of a cyber-attack at a firm or a failure to implement appropriate cyber risk management. With increasingly advanced and persistent attacks and the Read more…

Third Party Risk Management Framework: What measures are taken to ensure third party service levels are met and maintained?

An enterprise risk management program is intended to help ensure that the risk of improper payments across your organization is managed strategically. Vendor and third-party supplier management involve evaluating and qualifying your vendors based on your vendor management policy. You may also need to plan your communications and procurement activities Read more…

Third Party Risk Management: Does the third party relationship(s) complement your organization's overall mission and philosophy?

Risk management, including third party risk management, requires risk to be managed to a level which is as low as is reasonably practical. One way to ensure this is to evaluate strategies that address the third-party risks that coincide with these relationships. Many organizations incorporate a no-retaliation policy and encourage Read more…

Third Party Risk Management: Is the compliance work/audit plan based on a documented risk assessment and is IT risk based?

Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities. Within your overall compliance plan, include a provision for auditing and monitoring coding Read more…