Cybersecurity risk is growing and evolving globally, and conducting a cyber-risk assessment is one way that auditors can help to mitigate it.
To be truly diverse and inclusive, organizations need to make D&I a core part of the culture.
From manufacturing companies to government agencies, every sector is at risk. We look at some ways to reduce your cybersecurity risks this holiday season.
An ERM program that properly evaluates, monitors, and helps foresee risks—along with an effective resolution program—is invaluable.
CISOs may have hundreds of metrics to manage, but only a few will be relevant to the board. Here’s how to select the right metrics for your organization.
Heading into 2020, the CISO is stepping out of the server room and into the boardroom. We look at six common challenges they face in this new role.
A successful TPRM program extends way beyond the onboarding process. Organizations need to be invested in the whole TPRM lifecycle to properly manage risk.
With fraudsters becoming more sophisticated, and global data increasing, data analytics is now, more than ever, a critical tool to deal with global fraud.
While vendor risk management (VRM) and third-party risk management (TPRM) are sometimes used interchangeably, they aren’t the same thing.
Third parties help organizations better serve customers, grow revenues, and cut costs, but they can also cause serious damage if not properly managed.
Businesses that don’t digitalize quickly are going to be left behind, but there are inherent risks in transforming your business to take advantage of digitalization.
As we continue to find new and interesting applications for this technology, entire sectors, industries, and roles will evolve, including GRC.
Determining high-risk vendors is challenging, which is why it helps to have a solution that integrates with security assessment software.
Keith Bailey, VP of Finance, Galvanize, discusses how the HighBond platform helps him with forecasting, accessing data, and month-end reporting.
Security breaches can have crippling effects, so how do you respond to your leadership team when they ask how security is being addressed?