ASIS International has published a new guidance document for enterprise security risk management (ESRM), claimed to be the first strategic security management tool of its kind, ‘elevating the security function by establishing a partnership between security professionals and business leaders to manage security risks’.
The need for cyber due diligence in a merger or acquisition of a business is more relevant than ever before. Connor Lattimer, Associate Director at Control Risks, explores the subject, and offers some pointers for risk managers.
In an article on the Airmic website, Kasper Nielsen, chief strategy officer at the Reputation Institute, says that most organizations still don't understand how to manage their reputation.
"The problem with some ERM frameworks," says Kasper Nielsen, "is that they are two dimensional, focusing only on cost and likelihood.
A new resource from ISACA, ‘Managing Third-Party Risk: Cyberrisk Practices for Better Enterprise Risk Management’ provides information and advice to help organizations better manage third-party IT risks.
The Q2 Assessment of Business Cyber Risk (ABC) report released by the US Chamber of Commerce and FICO recorded a National Risk Score of 688, a slight improvement over the previous quarter's score of 687.
Underwriters Laboratories (UL), a global safety science leader, has announced the publication of ‘CAN/UL 2984, Management of Public Risks – Principles and Guidelines’. This first edition document is intended to provide guidance to organizations accountable for the management of public risk
New GRC survey uncovers mixed levels of executive confidence in organizations’ ability to manage risks, map ownership and identify third-party vulnerabilities.
A Gartner survey of more than 250 legal and compliance leaders reveals that the standard point-in-time approach to risk management is no longer effective in today's landscape of fast-paced, rapidly changing business relationships.
Seven in 10 senior financial executives at the world’s largest companies believe their insurer would cover most or all of the losses their company would incur in a cyber attack. Many of the losses they foresee, however, are rarely covered by insurance. This is according to a new FM Global survey.
The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.
Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.
