Some of the greatest strides in the formalisation of enterprise risk management (ERM) have occurred within the past decade – prompted by problems such as the global financial crisis and the increasing threat of cyberattacks. So how do organisations effectively focus on a formalised risk management structure? Workiva's white paper "Harnessing the Power of Technology in ERM: Driving a Continuous and Verifiable Process" suggests some answers.
Our technical helpline provides valuable advice to members on a host of professional issues. Here are some of the questions you’ve recently asked.
IIA Global is introducing two new professional Standards and updating some of its existing Standards with effect from 1 January 2017. So what are the changes?
Your mindset is the biggest tool for your job as it is the key to influencing those around you. Honing these soft skills is just as important as developing your technical expertise, writes Diane Ingham-Cook, a consultant at Effective Training.
Often internal audit will flag up the same issues time and again without getting to the crux, or root cause, of the issue. This is why Root Cause Analysis (RCA) is essential to improving audits, writes James Paterson, the founder of Risk & Assurance Insights.
Assurance maps are a vital tool that guide internal audits and give audit committees peace of mind. Sandie Dawson, director at Dawson Corporate Advisory, offers insight into effective assurance mapping.
Corporate culture is high on audit committees' agendas, but few understand what to look for and how to measure something as nebulous and intangible as culture. Alexander Glebovskiy, internal auditor at an FCA-regulated firm, shares his advice.
The importance of velocity as a risk assessment factor has been widely acknowledged by the risk management community in recent years. But so far the profession has largely failed to agree on a meaningful concept for measuring and weighting velocity as a risk factor. Maybe a simplistic approach can help, write Matt Rigby and Christian Thurow.
Given that "black swan" events are unpredictable, is it possible to protect your company against them? The answer is no – but you can plan for the consequences, according to Bill Waite, group chief executive of The Risk Advisory Group.
A new EU data world is coming. Cindy Ng, technical analyst at Varonis, lists the five most important things that all companies should know about the proposed EU General Data Protection Regulation (GDPR), likely to come into force in 2017.