KnowledgeLeader Blog

ISO/IEC 27001 and 27002: Risk Changes You Need to Know

Posted by Protiviti KnowledgeLeader on Tue, Mar 17, 2020 @ 08:00 AM

In November 2013, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) will formally release long-anticipated updates to ISO/IEC 27001 and 27002. The last time these standards were updated was in 2005. 

Topics: IT Audit, Governance, Risk & Compliance, IT Governance, IT Infrastructure

Enterprise Risk Management: How to Effectively Raise the Bar

Posted by Protiviti KnowledgeLeader on Tue, Mar 10, 2020 @ 08:00 AM

Everyone talks about the need for good risk management programs, but nobody seems to know how to audit them to ensure that they work. Who bears responsibility for setting the parameters of an enterprise risk management (ERM) program is pretty clear: the board of directors and the C-level executives. They decide what the risks are, what level of risk they’re willing to tolerate and what risks they do not want to tolerate. They are responsible for monitoring and responding to ERM outputs and obtaining assurance that the organization’s risks are acceptably managed within the specified boundaries.
 
Topics: Enterprise Risk Management, Internal Audit, COSO, Risk Assessment, Audit Committee & Board, Governance, Risk & Compliance

How to Efficiently Create Agile Risk Management Solutions

Posted by Protiviti KnowledgeLeader on Thu, Mar 05, 2020 @ 02:02 PM

Many organizations have failed to keep pace with changing trends in risk and compliance. Resource allocation for many risk and compliance initiatives, implemented under pressure from a crisis or from regulators to demonstrate urgency and prioritization, has proven to be unsustainable.

Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Strategic Risk, Agile Auditing

What You Need to Integrate Risk in Your Business Planning Process

Posted by Protiviti KnowledgeLeader on Tue, Mar 03, 2020 @ 08:00 AM

While strategy-setting defines an enterprise’s overall strategic direction, differentiating capabilities and required infrastructure, a business plan lays out how an organization intends to execute a strategy during an annual period or, if longer, the operating cycle. Organizations should ask themselves: How should risk be integrated into the annual business planning process?

Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Business Continuity Management

External Access Risk: Key Factors You Need to Know

Posted by Protiviti KnowledgeLeader on Wed, Feb 19, 2020 @ 08:00 AM

Many businesses today exchange goods, services, information and knowledge using network-enabled technologies. Within such businesses, the proper protection of confidential information is essential to achieve the desired benefits and mitigate the associated risks. Failure to adequately restrict access to critical business information from outsiders (intruders) may result in unauthorized knowledge and use of confidential information by inappropriate parties.

Topics: IT Audit, Governance, Risk & Compliance, IT Infrastructure, IT Security, IT Risk, Performance Management/Measurement

What is Cloud Computing?

Posted by Protiviti KnowledgeLeader on Thu, Dec 20, 2018 @ 10:00 AM

Cloud computing is defined as the use of a collection of services, applications, information and infrastructure composed of pools of computer, network, information and storage resources. These components can be rapidly orchestrated, provisioned, implemented, decommissioned and scaled up or down, providing for an on-demand, utility-like model of allocation and consumption.

Topics: Governance, Risk & Compliance, Cloud Computing, Cybersecurity, IT Security

Risk Assessment Maps and Prioritizing Business Processes

Posted by Protiviti KnowledgeLeader on Fri, Nov 17, 2017 @ 08:39 AM

Risk assessment helps identify and document critical business processes and the internal controls within each process. Combined with facilitated management meetings, this approach can help gain company-wide consensus by including key process owners in risk and controls analysis.

Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance

Guide to Risk and Risk Reporting

Posted by Protiviti KnowledgeLeader on Fri, Sep 01, 2017 @ 08:22 AM

Business risk is the level of exposure to uncertainties that the enterprise must understand and effectively manage as it achieves its objectives and creates value. It is not just about threats; there is an upside as well as a downside. Risk is not about a single point estimate—time frame is an important factor when evaluating risk, and exposure and uncertainty are important factors.

Topics: Risk Assessment, Governance, Risk & Compliance, Strategic Risk

How to Mitigate Risks Using Effective Business Continuity Planning

Posted by Protiviti KnowledgeLeader on Mon, Dec 03, 2012 @ 10:30 AM

Thorough business continuity plans help organizations minimize the risks of a disaster and restore vital business functions without significant detrimental effects. This blog post examines the fundamentals of business continuity management (BCM) planning and highlights critical lessons learned from various recent disasters, providing actionable steps you can take to create a customized plan.

Topics: Risk Assessment, Governance, Risk & Compliance, Strategic Risk, Business Continuity Management, Self-Assessment, Performance Management/Measurement

About KnowledgeLeader

KnowledgeLeader, provided by Protiviti, is the premier resource for internal audit and risk management professionals.

With over 1,400 customizable tools and 1,300 articles by industry experts, we offer the most comprehensive service on the market.
