
When Cyber Risk meets Third-party Risk

“AT&T confirmed yesterday that the company experienced a massive data breach in which an unknown entity stole phone records from almost all of its nearly 110 million customers. The telecommunications giant discovered the breach in April and started an investigation. It found that the hacker accessed the data through an illegal download that targeted a third-party app called Snowflake,…


Risks in Your Mirror May Be Closer than You Think…

You are familiar with the sign: “Objects in the mirror are closer than they appear,” which is the “warning sign” on your vehicle’s door mirrors. Applying this warning to the risk management space, one can identify examples of risks that are much closer to your organization (and you) than they may appear to be: I would also like…

Risk Should Force Heightened Management Awareness, but does it?

Hello folks, I am stating the obvious when I say that compliance and assurance are entirely different endeavors from Risk Management: Strategic risk assessments, as part of an effective ERM framework, are critical to preempting risks and preventing unfortunate events from occurring in the first place. Organizations can proactively mitigate potential risks/threats by focusing on strategic risk and ensuring they achieve their corporate…


Solar Storms: A Risk Event?

Given the possible impact/effects of a Solar Storm that parts of the world are experiencing, especially in parts of the United States, including my home state of Florida, should these be considered part of your business impact analysis (BIA) as a larger part of your Business Continuity plans and your enterprise risk management framework? (low probability/high impact)…

Your Organization has “Wicked Problems”

Whether you are aware of it or not, wicked problems exist in your organization today, yesterday, and tomorrow that must be identified and mitigated (as much as they can be mitigated). But what are wicked problems, you ask? I have shared below various quotes/definitions around what constitutes wicked problems. “In wicked (complex/dynamic) domains, the rules of the game…


Billion-Dollar Bank Failure: $65 Million Civil Penalty for Failing to Keep Proper Risk Controls

If operational risk failures can happen to a bank with a US200 million dollar asset base, what about your bank? Why are we so comfortable (normalized deviance, confirmation bias, or availability bias?) with the internal controls of our banks in the Caribbean? “The Office of the Comptroller of the Currency announced on Wednesday that the bank…


Is Your Institution (Bank or Non-Bank) Sleepwalking into a Crisis?

Risk management is not a panacea or a fait accompli to value protection in any institution. The most recent failures of the Banks in the US and including Credit Suisse are proof of that. Your risk managers, internal audit, and your external auditors may be “blind” to some risks if their focus continues to be singularly on “accounting”…


The Value Proposition of ERM: Tangibles and Intangibles

Good day folks, The “value” of Enterprise Risk Management continues to be discussed and debated in the hallways/board rooms/schools. As a risk management consultant and lecturer, it is a question I am always asked, so much so that I often refer to myself (my companies) as not only risk practitioners but also risk sales managers….


Why are there no EXISTING Operational or ERM Risk Professionals Included?

Fellow colleagues, please check the link below and share your thoughts/answers to my questions below. This is not meant to be controversial, nor am I casting any aspersions, and with the greatest respect to the speakers, why aren’t any CURRENT and practicing Operational or ERM risk professionals on the list of speakers, as best as I…