The RiskTech Journal
The RiskTech Journal is your premier source for insights on cutting-edge risk management technologies. We deliver expert analysis, industry trends, and practical solutions to help professionals stay ahead in an ever-changing risk landscape. Join us to explore the innovations shaping the future of risk management.
The Convergence of Cybersecurity and Operational Risk: Lessons from the Clorox Breach
The Clorox cyberattack, which led to a whopping 20% drop in shares since August, highlights the ripple effect a cybersecurity incident can have on operational processes. Here, a technology-centered vulnerability impacted the company's operational capabilities, and consequently, its market value. Such setbacks not only disrupt the daily functioning of an organization but can tarnish its reputation and erode stakeholder trust.
How Integrated Risk Management Helps Businesses Comply with California's New Climate Laws
California is setting a new regulatory precedent with the passage of Senate Bill 253 (SB 253) and Senate Bill 261 (SB 261), collectively aimed at enforcing climate-related disclosures among large companies. These pioneering laws pave the way for a national wave of similar regulations, including pending rules from the Securities and Exchange Commission (SEC). In the midst of this regulatory shift, Integrated Risk Management (IRM) emerges as a crucial methodology for comprehensively managing the complexities of climate-related disclosure.
Synchronized Visions: How Deloitte and Wheelhouse Advisors Illuminate the Future of IRM
As I survey the current literature and thought leadership on integrated risk management (IRM), it becomes increasingly clear that this discipline is entering a pivotal era. Both Wheelhouse Advisors and Deloitte have recently offered robust frameworks illuminating different facets of IRM.
From Brakes to GPS to Telematics: The Evolution of Modern Internal Audit
In the rapidly evolving landscape of risk management, the role of internal audit is shifting from merely being the "brakes" or a "navigation system" within an organization to something far more dynamic and nuanced. Drawing on the technology of telematics systems, which blend telecommunications and informatics to guide insurance risk assessment, this article explores how internal audit can similarly offer data-driven insights without intruding on managerial autonomy. As we venture into this new era, internal audit's role isn't just about guiding or stopping; it's about gathering, analyzing, and integrating data to inform risk management.
The ESG Controller in the Age of Regulatory Shifts and Integrated Risk Management
The rapid evolution of the ESG Controller role underlines the pressing need for organizations to standardize and validate their ESG reporting processes. Recent data from AuditBoard reveals substantial gaps in ESG program readiness, further emphasizing the critical function of ESG Controllers in mitigating compliance risks. Integrated Risk Management technology offers a pathway to bridge these gaps, ensuring that companies are compliant and better positioned to navigate an increasingly complex regulatory landscape.
Beyond Traditional Boundaries: The Shift from GRC to Integrated Risk Management - An EY Perspective
Risk management is stepping beyond traditional boundaries, and the shift from GRC to Integrated Risk Management (IRM) is central to this new era. But what does this mean for today's organizations, and how can we make the transition effectively?
Bridging the Security Gap: Integrated Risk Management’s Response
In response to recent comments by Palo Alto Networks CEO Nikesh Arora on the need for rapid, modernized cybersecurity defenses, John A. Wheeler emphasizes the crucial role of Integrated Risk Management (IRM). John draws from his extensive expertise to highlight the four key benefits of IRM: a unified view, intelligent resource allocation, streamlined compliance, and strategic future-proofing, addressing both the challenges and solutions in today’s evolving threat landscape.
Charting the Future of Risk: The 2023 IRM Navigator™ Technology Market Reports
Risk management has become a paramount concern for organizations across industries in an era of rapid technological advancement, globalization, and ever-shifting regulatory landscapes. The growing business complexity and interconnectivity demand an integrated approach, propelling Integrated Risk Management (IRM) into the spotlight. IRM is no longer an option but necessary, shaping the contours of resilience, compliance, performance, and assurance.
The Future of Cybersecurity: Navigating NIST CSF 2.0 with IRM
In the complex and ever-changing cybersecurity landscape, the NIST Cybersecurity Framework (CSF) 2.0 emerges as a beacon for organizations striving to manage and mitigate cybersecurity risk. Integrated Risk Management (IRM) technology plays a pivotal role in this journey, bridging the gaps between various risk management disciplines and fully integrating cybersecurity risk with Enterprise Risk Management (ERM).
Four IRM Tips for Conquering the Biggest Accounting Experiment in 100 Years
We must go beyond the traditional Governance, Risk Management, and Compliance (GRC) approach focusing on compliance risk to address these new sustainability risk disclosure requirements. While GRC is a critical component of risk management, focusing solely on it can limit our view of specific regulatory mandates, often missing the "bigger picture" of strategic risk. Integrated Risk Management (IRM), on the other hand, incorporates GRC but goes further. Here are four tips to help companies succeed.
EU Commission's Final Rules on Corporate Sustainability Disclosures: A Focus on Materiality and Global Alignment
On July 31, 2023, the European Union's executive body finalized the rules for corporate environmental, social, and governance (ESG) disclosures, confirming earlier moves to ease the requirements. This decision aligns with European Commission president Ursula von der Leyen's pledge to cut red tape across the EU executive's work this year, as companies have expressed concerns about the mounting cost of environmental rules.
Decoding the New SEC Cybersecurity Rules: Material Incident Reporting and Risk Management Disclosures
The Securities and Exchange Commission (SEC) recently adopted new rules to enhance and standardize public companies’ cybersecurity incident reporting and risk management disclosures. These rules, effective in December, represent a significant shift in the regulatory landscape. Companies must act now to ensure they are prepared, and Integrated Risk Management (IRM) can play a crucial role in this process.
Navigating Cybersecurity: The SEC's New Disclosure Rules and the Role of Integrated Risk Management
In response to the escalating significance of cybersecurity threats in today’s digital era, the Securities and Exchange Commission (SEC) has set the stage for a major transformation in corporate cybersecurity disclosures. Integrated Risk Management (IRM) can serve as the perfect ally to companies as they adapt to these changes.
The Dunning-Kruger Effect in Humans and Its Echo in AI: How IRM Can Help
Artificial Intelligence (AI) has become pervasive in our society, transforming how we work, communicate, and solve problems. However, it’s not immune to the cognitive biases that its human creators hold. An intriguing example is the Dunning-Kruger effect, a cognitive bias in humans that can inadvertently permeate AI systems, posing unique risks.
Integrated Risk Management: The New Frontier in COSO-Driven Sustainability Reporting
In contrast to the traditional GRC approach, an Integrated Risk Management (IRM) approach offers a more comprehensive and strategic perspective on sustainability reporting. It provides a structured approach to managing the broad spectrum of risks associated with sustainability, including performance, resilience, assurance, and compliance risks.
Global Impact of EU's CSRD: The Essential Three-Step Action Plan
The forthcoming European Union’s (EU) Corporate Sustainability Reporting Directive (CSRD) is poised to transform corporate sustainability reporting. This directive seeks to enhance the transparency of companies' impacts on society and the environment. Here, we present three crucial actions to help you navigate and meet the requirements under this directive.
The Race Begins 1/1/24: Get Ready for the New Age of Sustainability Risk
In 2024, the landscape of sustainability risk disclosures is set for a significant transformation. We are witnessing the simultaneous implementation of the International Financial Reporting Standards (IFRS) Foundation's takeover of the Task Force on Climate-related Financial Disclosures (TCFD) responsibilities, the recent launch of IFRS S1 and S2, and the adoption of the European Union’s (EU) Corporate Sustainability Reporting Directive (CSRD). The United States Securities and Exchange Commission (US SEC) is also gradually adjusting its stance toward this trend with its climate-related disclosure rules.
Steering the Corporate Ship: CEOs See Rough Seas Ahead
CEOs increasingly find themselves at the helm in a dynamic corporate landscape, steering their organizations through rough seas. According to a study conducted by the IBM Institute for Business Value in collaboration with Oxford Economics, the two areas of greatest concern for CEOs over the next three years are environmental sustainability and cybersecurity/data privacy.
ISSB Standards: The New Language for Climate Risk Reporting and the Promise of IRM
As the ISSB standards begin to shape the corporate reporting landscape, companies must harness the power of Integrated Risk Management (IRM) to navigate this new terrain successfully. The introduction of the ISSB standards represents a significant leap forward in standardized, global sustainability disclosures. However, this new language also brings new challenges, making the role of an integrated risk management approach even more vital.
3 Ways IRM Offers a Path Forward for Fragmented Risk Disciplines - Including GRC
In the dynamic world of business, organizations are constantly exposed to myriad threats and risks. To tackle these challenges, companies traditionally deploy different risk management disciplines tailored to address specific facets of risk. These disciplines include Operational Risk Management (ORM), Information Technology Risk Management (ITRM), Enterprise Risk Management (ERM), and Governance, Risk and Compliance (GRC). GRC is most often the outlier among these risk management disciplines due to its legacy nature as a standalone function. While this was accepted in the past, it is a significant barrier to more effective ways of managing risk.
RiskTech Journal News Updates
RiskTech Journal
Managing Risk, Embracing Technology
In today's dynamic business landscape, managing risk and embracing technology are essential components of sustainable success. The RiskTech Journal delivers timely insights for business leaders seeking better ways to manage risk using modern approaches and tools. Harnessing the power of technology enables businesses to optimize processes, enhance decision-making, and stay competitive in an increasingly digital world.
Browse the latest RTJ insight articles and news updates and below
The RiskTech Journal Online Subscription is a premier resource for executives and professionals focused on the intersection of risk management and technology. It provides subscribers with access to a curated collection of articles and expert insights designed to enhance risk management strategies through technological innovation. With its online format, the RiskTech Journal offers flexible access to critical information, helping leaders make informed decisions and stay competitive.