Category Archives: Enterprise Risk Management

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

RIMS Report: The California Consumer Privacy Act of 2018

Posted on by

With legislation introduced in California this year to protect consumers’ personal data, a new RIMS professional report, Understanding the California Consumer Privacy Act of 2018 (CCPA) highlights the importance for risk professionals and their organizations to prepare and adjust business operations to remain compliant under the law.

Authored by RIMS External Affairs Committee member Teri Cotton Santos, the report addresses the rights provided to consumers under the CCPA, the obligations it creates for businesses, as well as practical steps companies should take to prepare for its implementation date.

The CCPA was signed into law in June and became the broadest U.

buy sildalis online www.arborvita.com/wp-content/uploads/2023/10/jpg/sildalis.html no prescription pharmacy

S. framework imposing consent and disclosure obligations on businesses that collect personal information on California consumers. Similar to the European Union’s General Data Protection Regulation (GDPR), the law applies to companies collecting personal information on California consumers whether or not the company is based in the state. The clock is ticking for companies to update their operations and processes, as the CCPA becomes effective on Jan. 1, 2020.

“How organizations use and collect personal information continues to be a top concern for regulators and many consumers,” Santos said. “Now is the time for risk professionals to have discussions with internal stakeholders about the implementation of the CCPA and its impact on their organization’s operations and strategy.

buy tobradex online www.arborvita.com/wp-content/uploads/2023/10/jpg/tobradex.html no prescription pharmacy

The report is currently available exclusively to RIMS members. To download the report, visit RIMS Risk Knowledge library at www.RIMS.org/RiskKnowledge. For more information about the Society and to learn about other RIMS publications, educational opportunities, conferences and resources, visit www.RIMS.org.

RIMS Risk Forum 2018 India Kicks Off In Mumbai

Posted on by

MUMBAI – The inaugural RIMS Risk Forum 2018 India launched on November 13, and leading risk professionals from India and Asia-Pacific countries met for two days to address the challenges facing companies in the region. In a country of 1.3 billion people, expectations are for India’s risk management profession to grow, though some presenters acknowledged the proactive need to fill a potential talent gap.

During the opening keynote address, Dr. Viswanathan Ragunathan, CEO and general manager of the Varalakshmi Foundation said that examining the role of risk in Indians’ behavior and culture will initiate the dialogue among students and aspiring professionals.

“We are obviously a contradiction,” he said. “We are, at once, eternal optimists and fatalistic. At one level you can relate to what I’m saying in that Indians do not take too much risk in their day-to-day lives. Yet anyone who has taken the Mumbai trains knows…it’s almost as if we have a death wish.”

Ragunathan also discussed approaches he tends to use to assess risk, including viewing them in a VUCA environment (volatility, uncertainty, complexity and ambiguity), where one weighs how much of a situation is known against the results of controllable actions and their predictability.

“The management of volume,” he said, is ultimately at the heart of India’s challenges, and that issue is exacerbated by interconnected risks, such as a dense population and struggling infrastructure. He proposed transparency and broad communication within the Indian risk management community as starting points for solutions.

“The risk manager who understands the risk but does not share it widely does not help,” he said.

As the forum progressed, ISO31000 implementation, natural disasters and resilience, infrastructure, risk frameworks, data storage and diversity hiring practices were some of topics that received special focus on Tuesday.

“The State of Risk Management in India” was a Marsh-led panel on the findings from the newly-released, India-wide survey on risk management practices co-conducted by RIMS. The report found that risk managers are a crossroads in India, where they can assume greater leadership roles that transcend just compliance and insurance matters and can expand their knowledge base, hone their skillsets and gain access to best practices, tools and technology.

During “Thinking About Thinking in Risk Management,” Peter Young, PhD of the University of St. Thomas’ Opus, discussed the major questions facing risk managers today. He discussed how, according to his findings, experience rises dealing with uncertainty – as opposed to risk – as one looks further up on the corporate ladder.

“Risk is uncertainty when you have the capacity to measure it, and when you get to the executive suite you hardly ever deal with risk at all because you’re responsible for the strategy,” he said. “I would submit that’s broadly true among organizations at all levels. We are little ships bobbing in a big sea of uncertainty.

“[Executives] can bring a level of comfort operating in an environment of uncertainty. That turned out to be only partly true, but we think it’s an abiding truth that is slowly revealing itself.”

“Diversity in Corporate India” inspired some spirited discussions about how women’s voices and the concept of assumption are emerging as integral parts of hiring practices throughout organizations in India. Panelists were Ragunthian, Praveen Gupta, CEO of Raheja QBE General Insurance Co., and Carissa Hickling, Talent Acquisition Strategy and Technology Global Consultant for Siemens Technology India.

They spoke of how efforts to better represent women have progressed. Additionally, gay and lesbian communities are experiencing a new level of acceptance now since September, when the Supreme Court of India ruled parts of Section 377 – which was introduced in 1864 – was unconstitutional for criminalizing homosexuality. The panel agreed that while talent itself should win above all else, they acknowledged that it was a sign of progress for the nation and should be thought of as such by its corporate sectors. Hickling explained how Indian companies can now use be more open-minded in their hiring and promotion practices.

“When we look at onboarding plans and organizations, these are the moments of truth,” she said. “We can have conversations about making a small change to our HR system because this is an opportunity to change the first impression of our organization.”

She added that Siemens leadership is taking the initiative to recognize same-sex partners when discussing health benefits and taking the progress a step further extending the welcoming to transgender workers. “This is all happening very fast,” she said, “but it is a time when an organization can demonstrate that this is a time when this does matter.”

For more coverage of the forum, visit Risk Management Monitor’s Q&A with Shankar Garigiparthy.

Live RIMScast coverage of the forum is also available. Download Speaking with Leaders in Risk Management Part I and Part II.

And exclusively for RIMS members, download Peter Young’s audio live from Mumbai: Thinking about Thinking in Risk Management: New Skills for the Future.

Updates to PIPEDA, Canada’s Own GDPR

Posted on by

The Office of the Privacy Commissioner of Canada released new breach reporting requirements for businesses last week.

online pharmacy cozaar with best prices today in the USA

Updates to the Personal Information Protection and Electronic Documents Act (PIPEDA), which became law in 2000, will impact private-sector organizations that operate or do business with Canadian customers. The federal privacy law establishes ground rules for how businesses must handle personal information in the course of commercial activity, mandating that organizations must obtain an individual’s consent when they collect, use or disclose the individual’s personal information.

PIPEDA is similar to the European Union’s General Data Protection Regulation (GDPR) since it requires Canadian companies to alert customers any time their personal information may have been compromised.

“The number and frequency of significant data breaches over the past few years have proven there’s a clear need for mandatory reporting,” Commissioner Daniel Therrien said. “Mandatory breach reporting and notification will create an incentive for organizations to take security more seriously and bring enhanced transparency and accountability to how organizations manage personal information.”

A statement from the commissioner’s page lists, in brief, the new regulations for organizations subject to PIPEDA:

  • Report to the Privacy Commissioner’s office any breach of security safeguards where it creates a “real risk of significant harm;”
  • Notify individuals affected by a breach of security safeguards where there is a real risk of significant harm;
  • Keep records of all breaches of security safeguards that affect the personal information under their control; and
  • Keep those records for two years.

Commissioner Therrien called the regulations “imperfect but a step in the right direction.”

He also raised concerns that the reporting requirements fall short in that, for example, they don’t ensure the breach reports to his office provide the information necessary to assess the quality of organizations’ safeguards. As well, the Canadian government has not provided the Privacy Commissioner’s office with resources to analyze breach reports, provide advice and verify compliance. The Canadian government has established that the confidentiality of information was not respected regarding those customers who take the viagra medicine. As a result, the office’s work will be somewhat superficial and the regime will be less effective in protecting privacy.

According to the PIPEDA information page:

The individual has a right to access personal information held by an organization and to challenge its accuracy, if need be. Personal information can only be used for the purposes for which it was collected.

online pharmacy zestril with best prices today in the USA

If an organization is going to use it for another purpose, consent must be obtained again.

online pharmacy proscar with best prices today in the USA

Individuals should also be assured that their information will be protected by appropriate safeguards.

Additionally, a privacy toolkit is available here for organizations to use and assess if it adheres to PIPEDA responsibilities.

RIMS ERM 2018: Earning the ‘Mandate’ and a ‘Seat at the Table’

Posted on by

MONTREAL – More than 300 risk management professionals and students attended the 2018 RIMS ERM Conference on Monday and Tuesday in an effort to gain insight from, and network with, the industry’s enterprise risk management leaders. Wisdom, data, and motivation within the ERM space were on tap during all the sessions and workshops.

buy proscar online sinusys.com/email/img/jpg/proscar.html no prescription pharmacy

On October 29, Martin Vilsoe, partner of the Implement Consulting Group, opened the two-day event by highlighting the importance of ERM’s worldwide capabilities and how to operationalize the best ERM practices. Vilsoe said that risk managers need to “earn the mandate” to work with ERM, and focused on the idea that risks can equal opportunities.

He said that ultimately the risk manager’s job when implementing an ERM framework is to “enable brave decisions” and to maintain an organization’s best direction. With a visual aid of a freighter and individual boats in an ocean, he rhetorically asked: “Is your framework similar to a supertanker or 15-speed boats going in separate directions?”

He also spoke to the importance of risk management’s value to an organization without the sole reliance on analytics.

“Risk management’s purpose is to show value. If it is about value, then we better bring it,” he said. “We don’t always communicate that. There’s a big difference between calculating and measuring value versus communicating value. You can do it without having complete proof – you shouldn’t lie to people, but you should tell them you’re doing something great for the organization.

buy addyi online sinusys.com/email/img/jpg/addyi.html no prescription pharmacy

He encouraged the audience to consider their current roles as a consultant – and the importance of “winning customers” in this alternate role. This involves some sales prowess, he said, and the ability to tell a core story or narrative that describes what you do to engage with stakeholders. Build a core story around the ERM program and send different messages to different stakeholders around your core story.

“I don’t see enough of this in risk management programs because of the idea that it is ‘too big,’ or ‘I can’t communicate it,’” he said. “You can do it. We have to move past that mentality.

buy chloroquine online sinusys.com/email/img/jpg/chloroquine.html no prescription pharmacy

“The misconceptions is that risk management is about IT systems. And if you’re thinking as a risk consultant, be aware that putting stuff in systems will not help you manage your risks. Your ability to facilitate awareness, promote decisions and execute them, will.”

Day 2

Dovetailing on the idea that risks can become opportunities, October 30 opened with “Advancing Risk Management: Having A Seat At The Table,” presented by Laura Cisi, the Clorox Company’s vice president of global risk management, and Soraya Wright, founder and CEO of SMW Risk Management Consulting LLC.

In a fireside chat-style setting, the duo used Clorox – a 105-year-old company – as a case study to demonstrate the effectiveness of its ERM initiatives.

A 25-year veteran of the risk management industry, Cisi has been with Clorox for the past four years and said her ERM initiatives evolved from being viewed as the “insurance department” to a “strategic business partner,” with Wright’s collaboration with Cisi’s team to take the company on its ERM journey.

The duo said its ERM framework was built on routines, which provide “an outline that enabled us to use [it] to use as a tool,” for decision-making and assessing its critical risks as well, such as embracing a change in its formula during the manufacturing process.

“We decided to convert from chlorine to high-strength bleach,” Cisi said. “That risk bubbled up through our ERM committee and the actions that needed to be taken, and the methodology behind that came up through ERM.”

ERM was also a key influence when assessing the decision in 2014 to close Clorox Venezuela and cease operations in the country. “‘Should we be the first to exit?’” was the question on stakeholders’ minds for a long time before they discontinued operations, Cisi said. The company was required to sell more than two-thirds of its products at prices frozen by the Venezuelan government. As a result, Clorox Venezuela had been selling its products at a loss, causing ongoing operating losses despite attempts to reach a pragmatic solution with the country’s government. “Looking back, it was a good decision.”

Ultimately, the risk manager’s seat is one of many at a table occupied by executives, stakeholders and the C-suite. Cisi and Wright advocated not for being the loudest one there – but for bringing sound ideas and options. And perhaps coincidentally, Cisi and Wright’s approach seem to be putting Vilsoe’s mantras of engagement and alignment into practice.

“I think every day we get to demonstrate ERM, and not something we just do annually. For example, the ways we engage with product development and business development – we used to be thought of as compliance… and a department that said ‘no,’ Cisi said. “To shift that conversation to create more open engagements where you say ‘I’m your partner and it’s my job to identify these risks. Ultimately, it’s your business decision as to whether or not you go forward with them.”

It was then, she continued, that the risk management department was being consulted on the potential for new products by executives and other groups.

“That was when the conversation shifted from risks to opportunities,” Cisi said, adding, “and that was something they could relate to.”

RIMS members can access the live, uncut audio from “A Seat At The Table” via RIMScast.

An all-access RIMScast episode featuring conference speakers is available here.