Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal
〰️
Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal 〰️
The RiskTech Journal
The RiskTech Journal is your premier source for insights on cutting-edge risk management technologies. We deliver expert analysis, industry trends, and practical solutions to help professionals stay ahead in an ever-changing risk landscape. Join us to explore the innovations shaping the future of risk management.
DORA's Wide Net: More Than Just Cybersecurity for Financial Services
The recent release of draft technical standards for the European Union’s Digital Operational Resilience Act (DORA) paints a clearer picture of its sweeping reach. While many associate DORA with cybersecurity for financial institutions, it casts a wider net, encompassing third-party providers and demanding a stronger integrated risk management approach. Let's unpack the key takeaways for businesses navigating this evolving landscape, incorporating insights from various sources.
The SEC Eyes Digital and Sustainability Risks: How Can IRM Help?
Gary Gensler, Chair of the Securities and Exchange Commission (SEC), yesterday delivered a thought-provoking speech at Yale Law School, addressing the opportunities and challenges presented by digital risks (encompassing Artificial Intelligence) and sustainability risks (including climate change). While acknowledging the potential benefits of AI, he emphasized the need for robust risk management frameworks to address issues like explainability, bias, and systemic risk. This raises the crucial question: how can Integrated Risk Management (IRM) help companies navigate this evolving landscape?
Latest SEC Reports Reveal Devastating Digital Risks
In an era of unpredictability and the intertwining of global digital risks, the recent cyberattacks on Clorox and Johnson Controls serve as a stark wake-up call for businesses worldwide. Currently estimated at a combined cost of $76 million, these incidents underscore the critical need for a more sophisticated, proactive approach to risk management. The just published Accenture Risk Study: 2024 Edition echoes this sentiment, revealing a concerning trend: 72% of businesses admit their risk management capabilities are lagging behind the evolving nature of threats, particularly in cybercrime.
Exploring Integrated Risk Management Solutions with the IRM Navigator™ Reports
Understanding the landscape of Integrated Risk Management (IRM) software solutions is crucial for organizations seeking to navigate the complexities of modern risk management. Recognizing this need, Wheelhouse Advisors has developed a comprehensive suite of resources known as the IRM Navigator™ Reports. These reports are designed to provide in-depth analysis and insights into IRM software solutions across various segments and capabilities, offering a roadmap for organizations looking to elevate their risk management strategies.
Why Gartner Believes GRC Tools Fall Short in Effective Risk Management
In the evolving landscape of risk management, the need for tools that can adapt to complex and multifaceted risk environments is becoming increasingly apparent. Recent insights from Gartner highlight a significant shift in the way organizations approach risk management, with traditional Governance, Risk, and Compliance (GRC) tools struggling to meet the demands of modern enterprise risk management (ERM) strategies.
Rethinking Risk Management - Moving Beyond ESG and GRC
The once-revered concepts of environmental, social, and governance (ESG) and governance, risk, and compliance (GRC) are now subjects of intense debate and re-evaluation. As businesses grapple with the complexities of modern risk management, there's a growing recognition that the traditional ESG and GRC frameworks, while groundbreaking in their time, may no longer suffice in addressing the nuanced and multifaceted risks of the 21st century.
Integrated Risk Management in the Digital Era: Employing IRM Technology for AI Challenges
In the rapidly evolving field of artificial intelligence (AI), the recent comprehensive survey, "Thousands of AI Authors on the Future of AI," spearheaded by AI Impacts, provides critical insights into the trajectory of AI development and its societal implications. As the founder and CEO of Wheelhouse Advisors, I am particularly intrigued by the survey's findings and the essential role of Integrated Risk Management (IRM) in addressing the digital risks associated with AI.
How the EU AI Act Will Forge a New Global Digital Landscape in 2024
The European Union's Artificial Intelligence Act (AI Act), set for enactment in mid-2024, represents a landmark in the global regulatory landscape for digital products and services. This comprehensive legislation is poised to fundamentally reshape how AI is developed, deployed, and managed based on the digital risks it manifests. As the first of its kind, it establishes a precedent for digital risk management, emphasizing safety, fundamental rights, and transparency.
Ticking Clock: Companies Scramble to Meet SEC Cybersecurity Rules, Audit Partners Cautious
With the December 15th deadline for the SEC's new cybersecurity risk disclosure rules rapidly approaching, companies are intensifying their preparations. The Center for Audit Quality’s (CAQ) biannual Audit Partner Pulse Survey provides valuable insights into the corporate response, especially in the context of the complex economic, political, and technological challenges businesses currently face.
SEC's Cybersecurity Countdown: Critical Steps for Public Companies
As the December 2023 deadline looms, U.S. public companies and their third parties face a critical juncture in cybersecurity risk management. The SEC's new disclosure rules demand swift adaptation, with implications for cybersecurity practices and risk management infrastructures. The upcoming webinar, "Cyber Risk Reporting to the Board: A Step-by-Step Playbook," offers an in-depth analysis and actionable strategies for compliance.
Integrated Risk Management: The Linchpin for Bridging SEC and NYDFS Cybersecurity Regulations
In response to escalating cyber threats, regulatory bodies such as the New York State Department of Financial Services (NYDFS) and the U.S. Securities and Exchange Commission (SEC) have fortified their cybersecurity rules, presenting a complex regulatory environment for financial institutions. As entities strive to comply with the nuanced requirements of the NYDFS's updated cybersecurity regulations and the SEC's proposed rules, Integrated Risk Management (IRM) emerges as a crucial strategy, providing a unified framework to manage cybersecurity risks and regulatory compliance effectively.
Leveraging IRM for Comprehensive Risk Assessments in Line with SEC Guidelines
In an era where the complexity of risks continuously escalates, the integration of operational risk management (ORM), IT risk management (ITRM), enterprise risk management (ERM), and governance, risk, and compliance (GRC) technologies within the broader umbrella of Integrated Risk Management (IRM) has never been more crucial.
ERP and IRM Take Similar Paths to Shape the Modern Business Landscape
While ERP has traditionally unified core business functions — from financial management and supply chain operations to human resources — IRM is achieving a similar integration for risk management disciplines, including operational risk management (ORM), IT risk management (ITRM), enterprise risk management (ERM), and governance, risk, and compliance (GRC).
AI Risk: What Every Board Member Needs to Know
Artificial Intelligence (AI) is a double-edged sword, offering both unprecedented opportunities and complex challenges. As boards and executives grapple with the rapid advancements in AI, they must navigate a landscape fraught with both promise and peril. This article aims to equip board members with key AI insights from a recent report by the National Association of Corporate Directors (NACD) and the Data & Trust Alliance, as well as a keynote address by John A. Wheeler at AuditBoard's Audit+Beyond event.
The Convergence of Cybersecurity and Operational Risk: Lessons from the Clorox Breach
The Clorox cyberattack, which led to a whopping 20% drop in shares since August, highlights the ripple effect a cybersecurity incident can have on operational processes. Here, a technology-centered vulnerability impacted the company's operational capabilities, and consequently, its market value. Such setbacks not only disrupt the daily functioning of an organization but can tarnish its reputation and erode stakeholder trust.
How Integrated Risk Management Helps Businesses Comply with California's New Climate Laws
California is setting a new regulatory precedent with the passage of Senate Bill 253 (SB 253) and Senate Bill 261 (SB 261), collectively aimed at enforcing climate-related disclosures among large companies. These pioneering laws pave the way for a national wave of similar regulations, including pending rules from the Securities and Exchange Commission (SEC). In the midst of this regulatory shift, Integrated Risk Management (IRM) emerges as a crucial methodology for comprehensively managing the complexities of climate-related disclosure.
Synchronized Visions: How Deloitte and Wheelhouse Advisors Illuminate the Future of IRM
As I survey the current literature and thought leadership on integrated risk management (IRM), it becomes increasingly clear that this discipline is entering a pivotal era. Both Wheelhouse Advisors and Deloitte have recently offered robust frameworks illuminating different facets of IRM.
From Brakes to GPS to Telematics: The Evolution of Modern Internal Audit
In the rapidly evolving landscape of risk management, the role of internal audit is shifting from merely being the "brakes" or a "navigation system" within an organization to something far more dynamic and nuanced. Drawing on the technology of telematics systems, which blend telecommunications and informatics to guide insurance risk assessment, this article explores how internal audit can similarly offer data-driven insights without intruding on managerial autonomy. As we venture into this new era, internal audit's role isn't just about guiding or stopping; it's about gathering, analyzing, and integrating data to inform risk management.
The ESG Controller in the Age of Regulatory Shifts and Integrated Risk Management
The rapid evolution of the ESG Controller role underlines the pressing need for organizations to standardize and validate their ESG reporting processes. Recent data from AuditBoard reveals substantial gaps in ESG program readiness, further emphasizing the critical function of ESG Controllers in mitigating compliance risks. Integrated Risk Management technology offers a pathway to bridge these gaps, ensuring that companies are compliant and better positioned to navigate an increasingly complex regulatory landscape.
Beyond Traditional Boundaries: The Shift from GRC to Integrated Risk Management - An EY Perspective
Risk management is stepping beyond traditional boundaries, and the shift from GRC to Integrated Risk Management (IRM) is central to this new era. But what does this mean for today's organizations, and how can we make the transition effectively?