The value of mature GRC capabilities can be summed up through another acronym—ABC: Aware, Bespoke, and Confident. And while these are not the only attributes of effective GRC, together these three offer the opportunity for greater success that most organizations have failed to grasp, at least up until now.
According to Deloitte Advisory Cyber Risk Services “the fundamental things that organizations undertake in order to drive performance and execute on their business strategies happen to also be the things that actually create cyber risk. This includes globalization, mergers and acquisitions, extension of third-party networks and relationships, outsourcing, adoption of new technologies, movement to the cloud, or mobility. And they are not going to stop doing these things any time soon. Cyber risk is an issue that exists at the intersection of business risk, regulation, and technology. Executive decision-makers should understand the nature and magnitude of those risks, consider them against the benefits a strategic shift would deliver and then make more informed decisions.”
When business operators use repeatable processes and unified software to manage risk and compliance, the benefits are huge. Every part of the business becomes more agile, resilient, risk intelligent and confident. This illustration shows how to improve business processes, gain risk intelligence, and contribute to planning for performance.
Organizations must implement a cohesive risk management program to protect against loss while remaining agile to meet strategic objectives. RSA® Archer® can transform your compliance program and enable your organization to proactively manage risk by providing improved visibility, enabling better decisions to achieve business objectives with more predictable results.
Information technology risk teams know well that the scope of IT risks can be very broad – ranging from technical security risk, to IT operations risk, through to operational risk and enterprise risk. IT risk teams typically have deep skills in risk identification and analysis of information technology components, and many are also quite skilled in making recommendations on risk treatment options.
As with any major purchase, demonstrating the return on investment is key to getting the ultimate buyer to support the investment. Automating your risk and compliance activities can positively affect your company’s bottom line. You just need to prove it. Here are some insights to help you do just that.
GDPR is the biggest shake-up in European data protection legislation for 30 years. Organizations have less than two years to ensure that their data protection processes are compliant. Most organizations will struggle to meet the May 25, 2018 deadline.
This solution brief provides an overview of RSA Archer Operational Risk Management, including use cases for Top-Down Risk Assessment, Loss Event Management, Risk Catalog, Bottom-Up Risk Assessment, Operational Risk Management, and Key Indicator Management.
In today’s global and increasingly digital business world, a broad spectrum of economic, political, social, legal, technology and regulatory changes are continually taking us to a new level of strategic and tactical complexity and creating commensurate pressures on business performance. We continue to see exponential growth of requirements (often conflicting and overlapping) that organizations must satisfy, and these become even greater as we expand global operations.
Risk aggregation is all about ensuring that anyone looking at risks understands the relative importance of each risk and is confident that the appropriate risks have bubbled up to the surface. When assessing risks, there is essentially an opinion provided as to the expected impact and likelihood. In other words, there is no real certainty as to the timing or magnitude of a risk event.
Dating from the end of the 19th century, Rabobank is a bank by and for customers. Over the past several years it has grown from its home territory in the Netherlands to become an international financial services provider with activities including banking, asset management, leasing, insurance and real estate. Its independent local branches are the most tightly knit banking network in the Netherlands, serving millions of Dutch retail and wholesale customers.
We are now more than a year into the guidelines that went into effect June 2015 for medium/large insurers to comply with Own Risk and Solvency Assessment (ORSA) requirements that include the assessment and management of all risks (not just underwriting risks) in their annual reports.
Complying with new and multifaceted regulations can be a challenge for your business. At HPE, we break down all aspects of GDPR into modules. Read through and pick and choose the solutions you need to cover your business, all provided with our quality and expertise as standard.
The MetricStream Enterprise Risk Management App provides capabilities to deploy uniform risk methodologies and standards, ensuring a structured and systematic approach to ERM. The App enables an accurate understanding of risks across the organization, providing clear visibility into the top risks affecting the organization.