How Can RMIS Support Risk Management?

A risk management information system (RMIS) allows you to automate many of the difficult-to-organize tasks involved in compiling, storing, and communicating risk information.

Who’s really responsible for third-party vendor breaches

Third-party vendors, suppliers, and partners pose more risks to your reputation and bottom line than ever before. Recent surveys indicate as many as 63 percent of breaches stem from third-party access. Some of the most devastating cyberattacks in recent years, in fact, have occurred not to big companies, but to their vendors. The sheer number of third-party contractors may be a factor. Enterprises are turning increasingly to contractors to not only save on the costs of hiring full-time employees, but also to fill a temporary need or a very specific niche such as IT or data analysis. As your own circle of trust widens, how will you ensure that your enterprise’s data, and that of your clients and customers, will remain…

The most important part of GDPR compliance

With the May 25th deadline for GDPR compliance now long gone, is your organization currently in compliance? If your answer is “no,” take heart: You are not alone. Most CIOs report that, when this sweeping new privacy-and-security law takes effect, their enterprise will not meet its mandates. Many say they are confused about exactly what they must do to avoid the heavy penalties—and loss of reputation—they may face as a result. Granted, a regulation with 99 directives can be intimidating. But non-compliance with the GDPR is not an option, not for those wanting to do business with people and companies in the EU. The penalty, if you do not comply, may be steep: up to 4 percent of annual global…

5 Steps to GDPR Compliance

Now that the May 25th compliance date for the European Union’s (EU) General Data Protection Regulation (GDPR) has come and gone, the GDPR is a reality that is expected to significantly change the way organizations process personal data and respond to data breaches. The regulation was adopted in 2016 and will apply to organizations both in and outside of the EU, requiring them to institute new or enhanced data protection practices. The first thing you should do is determine whether the GDPR applies to your organization. Article 3 of the GDPR provides an overview of the regulation which applies to any organization that processes, holds or somehow controls or monitors the personal data of individuals in the EU,…
