ANX Corporate Blog: Posts tagged as risk

Showing 1 through 3 of 3 total posts

May 18th 2011, 11:27

Outsourcing Security? Think Responsibly!

Posted by Matt Peterson
All good intentions don’t always end up with the desired result we were originally seeking or desired.  The same can be said when it comes to the ever changing world of information technology and security.  The popular move right now is toward consolidation and hosting systems in the cloud.  While there are many great financial benefits associated with cloud offerings, it’s important to understand the bigger picture in terms of risk and business continuity.
It’s understood that risks change over time that could pose new threats and vulnerabilities to the applications and systems in which are now hosted by a third party.  The agreements in place with your provider will often detail the terms of the agreement, but often

Comment BubbleComments (0)

Dec 9th 2010, 09:16

What 2011 Holds in Store for Your GRC Program – Five Predictions | Prediction #2

Posted by Chris Noell
What does 2011 hold in store for your GRC program? My post on Tuesday, December 7th, defined my first prediction - Greater Focus on Risk Management Capabilities.
Read below for my second prediction for 2011 GRC programs.
Prediction #2 | Redeployment of Internal Resources
According to recent studies, risk and compliance functions spend the majority of their time on tactical administrative tasks. Indeed, studies show that as much as 62% of effort is spent on data collection versus 36% on analytics/risk mitigation, and 2% on other tasks. 
I’ve found that when tactical activities dominate a program, there are 3 main issues that arise – audit fatigue, low value outcomes, and low level of executive participation.
Audit fatigue: Let’s

Comment BubbleComments (0)

Dec 7th 2010, 09:50

What 2011 Holds in Store for Your GRC Program – Five Predictions | Prediction #1

Posted by Chris Noell
It’s certainly not news that 2010 has been a tough year for organizations looking to establish and maintain an effective GRC program as they face the ongoing challenges of balancing GRC obligations with budget and resource constraints.  In 2011, as the number of applicable regulations and standards increase and organizations look to protect themselves against security breaches, I expect the importance of GRC to increase in the coming year. 
So, where should your organization start? Over my next five blogs posts, I will share my five predictions for what 2011 holds in store for your GRC program.
Prediction #1 | Greater Focus on Risk Management Capabilities
Although many pundits have predicted more focus on risk management for years, in my discussions

Comment BubbleComments (0)