Archive For September, 2008

Financial Crisis: Lessons in Risk Management

The current financial crisis that we face has dominated the headlines recently. Many people on Main Street have asked “how could this have happened to our economy?”¦.who was asleep at the switch?….who was managing this risk?” These are certainly reasonable…

Lessons Learned from "Personal" Risk Management

Many of you reading this have purchased large ticket items like a home, condo, car, etc. These purchases are somewhat calculated expenditures and typically a large investment of your disposable income. If you are like me, these decisions are made…

The Challenge of Information Silos

Many of the large companies that we at CA talk to about their risk and compliance activities have different approaches, with somewhat different challenges that they need to meet. Still, the one common element that virtually all of them have…

Does Compliance Equal Security?

In case you are one of the few CIOs or IT managers out there still asking this question, Network World offers up its answer in its “Does compliance equal security?” post in mid-August. While it may be common understanding at…

Weighing the Costs/Benefits of Regulatory Certification

Particularly for information security professionals, regulatory compliance continues to be an important concern. At the recent ISACA Information Security Management Conference in Las Vegas, there were several sessions on the topic — I personally presented two on ISO 27000 series,…

Fostering a Compliance Culture

I have a new entry on the CA GRC blog which can be viewed here. http://blog.ca-grc.com/ This entry was based on the recent ethics scandal in the Denver office of the Mineral Management Service (MMS) division of the US Department of the Interior. …

The Importance of Fostering Your "Compliance Culture"

Late last week, headlines in US newspapers included a story about a notable ethics scandal in the Denver office of the Mineral Management Service (MMS) division of the US Department of the Interior. While stories about ethical lapses in the…

Risky Business: Making effective risk management a priority

Question: “Why do race cars have brakes?”Answer: “So they can go faster!” Question: “Why should organizations manage risk?”Answer: “So they can be more competitive!” Like the analogy? If you are a risk officer or work closely with one, you’ve probably…