Hi [[ session.user.profile.firstName ]]
Sort by:
    • How to integrate Business Risk and IT Risk
      How to integrate Business Risk and IT Risk Alex Hollis, GRC Practice Director SureCloud Recorded: Nov 27 2018 4:00 pm UTC 49 mins
    • ****PLEASE NOTE THIS IS A RESCHEDULE OF THE WEBINAR ORIGINALLY SET FOR 14TH NOV.****

      Many governance, risk, and compliance (GRC) projects fail because they’re deployed to support a specific compliance need or to meet the requirements of a specific department. In this webinar, SureCloud’s GRC Practice Director will discuss taking an integrated Risk Management approach, connecting Business Risk and IT Risk.

      The session will cover:

      • The challenges Integrated Risk Management (IRM) causes
      • Outlining how operational and IT Risk must work together
      • An approach for creating a model within your own business with the right GRC technology
      • The benefits of integration for internal communication and the relationships within your business

      Read more >
    • People Risk
      People Risk Grant Kennedy & Dr Aarti Anhal Recorded: Dec 11 2018 11:00 am UTC 61 mins
    • People are the single most important asset in any organisation, yet they can often be the most vulnerable. The opportunities and threats people present to the operations and strategic objectives of their organisations constitute “people risk” – an area of risk often ignored because of the perceived complexities involved in managing it effectively. This webinar will focus on “risk intelligence”, which refers to the way in which an individual’s values, risk competences and behaviours come together to drive their perception of risk, approach to risk-based thinking and decision-making. Th webinar will introduce the diagnostic tools that can be used by organisations to evaluate the “risk intelligence” of staff, whether in the operational 1st Line, the 2nd line’s risk and compliance functions or senior management.

      Read more >
    • Supply Chain & Risk Management (SCRM): Disciplines Joined-at-the-Hip
      Supply Chain & Risk Management (SCRM): Disciplines Joined-at-the-Hip Gregory L. Schlegel, CPIM Upcoming: Jan 15 2019 3:00 pm UTC 75 mins
    • Supply chains are becoming ever more complex, particularly with the increase in outsourcing and the advancement of multi-tiered global supply networks. More and more organisations are now faced with direct and continuously evolving operational and legislative risks as a result of global market disruption or malpractice in their supply chains.

      “Supply chain risk management is the implementation of strategies to manage every day and exceptional risks along the supply chain, underpinned by continuous risk assessment with the objective of reducing vulnerability and ensuring continuity.” (Supply Chain Risk Management: An Emerging Discipline”)

      This Supply Chain & Risk Management webinar provides participants with a glimpse of the global supply chain risk landscape. Definitions of risk management and new techniques and tactics to mitigate risk will be discussed, along with profiles of early adopters of Supply Chain Risk Management.

      Attend this Supply Chain & Risk Management webinar and get a brief introduction on how to:
      Identify global supply chain risks
      Assess risks within your supply chain
      Mitigate risks throughout your enterprise with new tools and tactics
      Manage volatility, uncertainty, complexity, ambiguity and risk
      Create a resilient supply chain

      Read more >
    • Risk Reporting
      Risk Reporting Dr Simon Ashby Upcoming: Jan 7 2019 11:00 am UTC 75 mins
    • Are you looking at implementing a new risk reporting framework or update one that you have already? In this webinar we will explore some of the options that are available. Learn how to get the most from tools such as risk registers, risk and control indicators and risk matrices. Consider the options available when designing reports and identify the limitations of common risk reporting practices.

      Risk reporting is an important output from the risk management process and should be a key input into both strategic and operational decision making. But if the wrong tools are used or reports are poorly designed then reporting can do more harm than good. Are your reporting arrangements adding value to management decision making and promoting intelligent conversations about risk tasking and control or are they little more than a procedural exercise?

      Read more >
    • Corporate Risk and Crisis Management
      Corporate Risk and Crisis Management David Rubens Recorded: Sep 27 2018 10:00 am UTC 79 mins
    • It seems clear that the basic frameworks and principles that have supported corporate risk and crisis management for the last twenty-five years are beginning to be outpaced by the scale and scope of the emergent risks that we are now facing.This webinar covers the main themes of corporate risk & crisis management and the development of organisational frameworks that can support effective risk and crisis management planning at the highest level. This webinar is based on the Level 5 Award in Corporate Risk and Crisis Management being hosted by the IRM from 29th-31st October.

      Read more >
    • Norman Marks on Making Business Sense of Technology Risk
      Norman Marks on Making Business Sense of Technology Risk Norman Marks, CPA, CRMA, Author, Evangelist and Mentor Recorded: Nov 27 2018 7:00 pm UTC 59 mins
    • Traditional approaches to technology risk lead to assessing it as 'high', 'medium or 'low'. But how do you know whether it makes business sense to take the risk or invest scarce resources into addressing it? Is it better to spend money on people and tools to mitigate cyber risk or to invest in a new product or marketing campaign?

      In this webinar, Norman Marks will share his thoughts on this challenge. He’ll talk about:

      -Why it’s necessary to express technology-related risk in business terms
      -Technology-related risk is just one of the business risks that need to be considered in making a decision
      -How, even a moderate risk, can take you over a 'tipping point'
      -Who should be involved in assessing technology-related risks
      -How to communicate technology-related risks to the board and top management

      Read more >
    • Realizing Opportunity with Third-Party Risk Management
      Realizing Opportunity with Third-Party Risk Management Tom Garrubba - Santa Fe Group; Sam Abadir - Lockpath Recorded: Dec 5 2017 10:35 pm UTC 62 mins
    • The complexity of third-party risk management increases every day, as does its importance to organizations that rely on third parties. Regulators are increasing their focus on potential third-party risk. Risk assessments for business processes and third party management are being integrated, mapped to organizational risks, and mined for patterns and trends. Some organizations are even developing and executing strategies for managing their supplier’s suppliers.

      In this 60-minute webinar, Shared Assessment’s Tom Garrubba and Lockpath’s Sam Abadir discuss:

      • The growing need for third party risk management programs.
      • How incorporating third party risk management into an overall governance, risk and compliance (GRC) program can create greater value for your organization.
      • And how the Shared Assessments Standard Information Gathering (SIG) questionnaire and the Lockpath® Keylight® Platform work together to streamline, navigate and create value in this increasingly complex third-party landscape.

      Read more >
    • Vulnerability Risk Management; Not Just Scanners Anymore
      Vulnerability Risk Management; Not Just Scanners Anymore Steven Grossman, VP of Strategy, Bay Dynamics with Guest Speaker, Forrester Sr. Security & Risk Analyst, Josh Zelonis Recorded: Oct 24 2017 4:00 pm UTC 57 mins
    • The risk from software vulnerabilities has historically been an IT Operations concern, but no longer. A more integrated approach centralizing vulnerability data, and decision making, is necessary to provide a holistic view of organizational risk up the executive chain. The ability to prioritize asset risk, communicate with stakeholders, and make rapid, informed decisions, will be the difference between success, and failure, for many modern enterprises.

      Join this live Q&A with guest speaker, Forrester Senior Analyst Serving Security & Risk professionals, Josh Zelonis and Bay Dynamics VP of Strategy, Steven Grossman, as they answer your questions and cover:

      - Why is vulnerability risk management more that scanning?
      - How do you prioritize risks beyond CVE and CVSS scores?
      - How can a preemptive approach elevate vulnerability risk management to the core enterprise-wide risk management item it should be?
      -What are the common challenges in moving to a vulnerability risk management model?

      Register for this webcast for insight into the changing demands on vulnerability management programs.

      Read more >
    • Risk Management for Infrastructure
      Risk Management for Infrastructure Graham Nicol Recorded: Oct 23 2018 10:00 am UTC 78 mins
    • Join us on this webinar to listen to Graham Nicol present on why an effective and dynamic risk management framework is vital for the successful delivery of large projects, programmes or portfolios within an Infrastructure capital asset delivery environment. This webinar covers how to communicate the need and associated benefits of risk management to employees, delivery partners and stakeholders, how best to identify and assess risk (qualitatively and quantitatively), when to apply appropriate quantitative techniques, whilst challenging schedule integrity standards to support a QSRA. All of which should inform proactive decision making that aligns to projects/organisations risk culture.

      Read more >
    • The Implications of the 2018 UK Corporate Governance for Risk Managers
      The Implications of the 2018 UK Corporate Governance for Risk Managers Mark Butterworth Recorded: Oct 18 2018 10:00 am UTC 51 mins
    • Following significant revisions to the FRC’s UK Corporate Governance Code in 2018, Risk Managers should consider how they should respond to the key features of the new Code. In parallel with assessment of the implications of the updated FRC Guidance on Board Effectiveness, this webinar will review the headline features: managing risk culture, the role of the Board in governance and risk, the importance of stakeholders in risk assessment and why Risk Managers should focus on Board effectiveness evaluations. Setting risk management in the context of more demanding governance requirements will bring greater recognition, but is also more challenging.

      Read more >
    • Cybersecurity Ratings Part 1: Cyber Risk Monitoring: Adapting to the New Normal
      Cybersecurity Ratings Part 1: Cyber Risk Monitoring: Adapting to the New Normal Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Nick Trigg, Risk Consultant, BitSight Technology Recorded: Oct 9 2018 11:00 am UTC 59 mins
    • Security Ratings are the relatively new kid on the block when it comes to externally derived Cyber posture analysis.

      According to one of the most reputable research bodies, ‘continuous monitoring of systems and behaviours is the only way to reliably detect threats before it's too late’.

      The three big topics are VISIBILITY - across my whole cyber risk landscape , COLLABORATION - in order to remediate against risk appetite and AGILITY - How can I react in a timely manner to rapidly changing risk factors

      Given these challenges can you afford NOT to utilise Security Ratings?

      In this session Nick Trigg - Risk Consultant for BitSight Technology - will address these points along with

      •Do security ratings threaten or compliment traditional methods of questionnaires and audits
      •Why security ratings should be treated as a risk position rather than a vulnerability checklist.
      •Data: sources, accuracy, coverage, currency
      •Context : stakeholders, business impact
      •Time to value : best approach to implementation

      Read more >
    • The Silent Killer: How Third-Party Vendor Risk Threatens Everyone
      The Silent Killer: How Third-Party Vendor Risk Threatens Everyone Mike Baukes, CEO, UpGuard Recorded: Oct 11 2017 5:00 pm UTC 44 mins
    • Enterprises are becoming increasingly cognizant of the massive business risk posed by incidents of cyber attacks resulting in data breaches. Less well-known, and perhaps more potent a threat, is the danger posed by third-party vendors entrusted with sensitive data in the course of a business partnership. While an enterprise can have the best and most resilient internal IT practices, there are no such guarantees their external partners will take the same care. The consequences can be enormous.

      The UpGuard Cyber Risk Team has made it its mission to find data exposures where they exist, aiding in securing them against malicious use and raising public awareness about the issues driving cyber risk today. In this talk, UpGuard CEO Mike Baukes will discuss how third-party vendor risk has proven a potent and pervasive threat in the digital landscape of 2017, as illustrated by a newly discovered third-party vendor data exposure case involving the leaking of sensitive data from major transnational corporations.

      Learn how you can mitigate such third-party vendor risk and begin to evaluate and enforce your business partners’ cyber resilience against such threats.

      Read more >