Compliance – РИСК-АКАДЕМИЯ – АНО ДПО ИСАР

The clock is ticking for compliance with IMO’s 2021 cyber regulations.

riskacademy — Sun, 15 Nov 2020 17:19:27 +0000

Maritime organisations have long focused on safety and the management of risks, however, bringing cyber threats into play can often be challenging as these are usually harder to quantify, understand and relate to the physical world. Some lessons can be brought across from other industries and frameworks, including that of the National Institute of Standards and Technology (NIST), which can be very helpful in aligning thinking and practice to cyber risks. But there are unique considerations that need to be factored in when applying a robust risk management process to cyber risks within marine and offshore organisations.

In 2017, the IMO issued MSC-FAL.1/Circ.3 ‘Guidelines on maritime cyber risk management’. These guidelines provide high-level recommendations to safeguard shipping from current and emerging cyber threats and vulnerabilities, including functional elements that support effective cyber risk management. The IMO’s Maritime Safety Committee then adopted these guidelines through Resolution MSC.428(98) ‘Maritime Cyber Risk Management in Safety Management Systems’. This resolution encourages administrations to ensure that cyber risks are appropriately…

Comedy and Compliance

riskacademy — Fri, 25 Sep 2020 18:27:33 +0000

ComplianceLine‘s Amanda Hosenfeld and Michelle Zychowski welcome Ronnie Feldman of Learnings & Entertainments to discuss how to make compliance awareness and training interesting… and to make a big announcement for both ComplianceLine and L&E!

The post Comedy and Compliance appeared first on Corporate Compliance Insights.

(This is only a summary. Click on the headline to view the entire article at Corporate Compliance Insights and participate in the discussion.)

Подробнее…

Добро пожаловать в Compliance Club

riskacademy — Sun, 13 Sep 2020 14:37:40 +0000

Немного о Комплаенс ?‍??‍

Добро пожаловать в Compliance Club

Узнайте все о международном сообществе практиков в области комплаенс. Творческая группа: участники Сompliance Club.

Присоеденяйтесь к официальной группе ИСАР в Facebook

Добро пожаловать в Compliance Club

riskacademy — Sun, 13 Sep 2020 14:37:40 +0000

Немного о Комплаенс ?‍??‍

Добро пожаловать в Compliance Club

Присоеденяйтесь к официальной группе ИСАР в Facebook

Добро пожаловать в Compliance Club

riskacademy — Sun, 13 Sep 2020 14:37:40 +0000

Немного о Комплаенс ?‍??‍

Добро пожаловать в Compliance Club

Присоеденяйтесь к официальной группе ИСАР в Facebook

Добро пожаловать в Compliance Club

riskacademy — Sun, 13 Sep 2020 14:37:40 +0000

Немного о Комплаенс ?‍??‍

Добро пожаловать в Compliance Club

Присоеденяйтесь к официальной группе ИСАР в Facebook

3 Coronavirus Compliance Tips From the SEC | NAVEX Global

riskacademy — Sat, 22 Aug 2020 08:48:59 +0000

[author: Matt Kelly]

The coronavirus crisis is far from over, and compliance professionals still need every scrap of guidance that regulators can provide about how to run compliance programs in these difficult times.

So when the Securities and Exchange Commission published its latest risk alert the other week, I took notice. Even though the guidance was written for broker-dealers and investment advisers, it deals with subjects including policy management, risk assessment, and data security.

Well, those things challenge every compliance officer, regardless of industry. So let’s see what lessons can be extrapolated for corporate compliance programs generally.

Personnel and Policy Matters

This risk alert came from the SEC’s Office of Compliance Inspections & Examinations, and OCIE uses the phrase “supervision of personnel” quite often in its material. That conjures up an image of managers watching over employees on a sales team, but the term actually means much more — and raises an important point for compliance officers.

OCIE’s full description of “supervision of personnel” in its risk alert is this:

A firm’s supervisory and compliance program…

How do banks choose between an internal model or a standardised approach for FRTB compliance?

riskacademy — Fri, 07 Aug 2020 17:30:19 +0000

How do banks choose between an internal model or a standardised approach for FRTB compliance? #risk, #riskmanagement, #riskminds

How do banks choose between an internal model or a standardised approach for FRTB compliance?

Live from RiskMinds International, Tim Lind, Managing Director of DTCC Data Services, explores the role of data in choosing an FRTB compliance path. Visit th…

Присоеденяйтесь к официальной группе ИСАР в Facebook

Cloud Misconfigurations a Major Compliance Risk, Say IT Decision Makers

riskacademy — Thu, 23 Jul 2020 16:02:42 +0000

Cloud misconfigurations are considered a data security risk by 95% of IT decision makers in the UK, according to a new study from Trend Micro. The findings highlight how human error is a major cause of organizations’ compliance problems and is obstructing their digital transformation.

Of those who regard cloud misconfiguration as a risk, 41% said it is a “great risk.” For those working in B2C, this rose to 57%, and in administrative or technical roles, 52%.

Nearly two-thirds (62%) of IT decision makers said they are extremely or very concerned about the legal and regulatory compliance implications of cloud threats like misconfiguration, and 27% stated they had experienced such an incident over the past year.

The most common forms of misconfiguration errors include leaving an unencrypted data store exposed to the public internet without any form of authentication required to access it, exposing data to all global users of the same cloud platform and leaving encryption keys and passwords in open repositories.

This provides cyber-criminals with opportunities to undertake nefarious activities such as stealing and ransoming data and installing malicious digital skimming…

Global Enterprise Governance, Risk, and Compliance (eGRC) Market-Industry Analysis and Forecast (2020-2027) – by Component, Deployment Mode, Organization Size, Business Function, Type, Industry Vertical, and Region

riskacademy — Fri, 03 Jul 2020 14:11:58 +0000

Global Enterprise Governance, Risk, and Compliance (eGRC) Market was valued US$ XX Mn in 2019 and is expected to grow US$ XX Mn by 2027, at a CAGR of XX% during the forecast period.

REQUEST FOR FREE SAMPLE REPORT: https://www.maximizemarketresearch.com/request-sample/55265/

Market Overview:

Managing regulatory risk for any organization is the top risk. For organizations, managing regulatory risk is becoming vital as enterprise governance risk compliance supports organizations to manage and integrate IT operations that are conditional on regulation. With the introduction of government regulations across the industry, verticals globally have led organizations to implement enterprise governance, risk, and compliance (eGRC).The report study has analyzed revenue impact of covid-19 pandemic on the sales revenue of market leaders, market followers and disrupters in the report and same is reflected in our analysis.

The enterprise governance, risk, and compliance (eGRC) enable audit, risk & compliance management, business resiliency applications, and others. Increasing the adoption of digital and automated solutions has led to an increasing volume of risk in…