Risk Assessment

News & Analysis as of

Economic Downturn Week, Part III – The Desktop Risk Assessment

I continue my exploration of actions you can take to improve your compliance program during an economic downturn with a review of what my colleague Jan Farley, the Chief Compliance Officer (CCO) at Dresser-Rand, called the...more

Blue Pill/Red Pill: How Officers and Board Members Can Swallow the Red Pill and See the Real World of Cybersecurity

Trying to understand how a hacker thinks can twist your brain around – while you normally think about how to make something work or why something is not working, hackers think how to get something to work in ways that it is...more

Tea Leaves from AAG Caldwell on An Effective Compliance Program

The government is on a public relations campaign. Department of Justice and SEC officials have been making the rounds and giving important speeches on criminal prosecutions, cooperation and voluntary disclosure and ethics and...more

Emergence of Transgender Status Issues in Workplace Raises Compliance Questions for Employers

Transgender issues have been grabbing headlines in recent months—perhaps most notably with Bruce Jenner’s televised announcement about his gender transition. Beyond the bright lights of pop culture, a wave of litigation and...more

4 Questions to Ask When You Learn of Potential FCPA Violation

You can add this blog posting to my tagged category – “profound grasps of the obvious.” If you are brave and willing to succumb to yet another in this series, please read on. Much has been written about how to conduct...more

Guidance for Incident Response Plans  

Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response...more

To Err Is Human; to Indemnify, Divine?: Human Foibles in the Cloud

BakerHostetler’s inaugural Data Security Incident Response Report (the “Report”) concluded that employee negligence and theft were two of the top five causes of data security incidents for the more than 200 incidents that we...more

Why Reputation Risk is Quickly Climbing the Ethics and Compliance Priority List, Part 3 | Beyond Compliance Training

So far in this series, we’ve discussed why companies are adopting a more public focus on ethics and compliance, how reputational risk can impact a company and its brand, and the first three elements of a five-part framework...more

Cybersecurity Oversight: What is a Board of Directors to Do?

Cybersecurity and the risks of data breaches figured prominently at the 35th Annual Ray Garrett Corporate and Securities Law Institute held April 30, 2015, at Northwestern Law School in Chicago. Participating in a panel...more

Risk Assessment: A Natural Partnership for Internal Auditors and CCOs

In the corporate compliance world, chief compliance officers and internal auditors are natural allies. They often report to the same board committee, share a common perspective on corporate operations, and are aimed at...more

"HHS OIG Issues New Compliance Oversight Guidance for Boards of Directors"

On April 20, 2015, the Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) published its “Practical Guidance for Health Care Governing Boards on Compliance Oversight” (the Guidance)...more

Cloud Computing Contracts Top Issues for Healthcare Providers

In this Issue: - Summary - Overview - Cloud - Use - Security - Privacy - Functions - Availability - Performance - Location - Services -...more

The BakerHostetler Data Security Incident Response Report 2015

The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 “the year of the breach.” Most incidents are described publicly with attention-grabbing terms such as...more

Criminal Cyberattacks: The No. 1 Cause of Health Care Data Breaches in 2014

A new study released on May 7, 2015, by the Ponemon Institute revealed that criminal cyberattacks on health care organizations were the most prevalent cause of data breaches in 2014. The report underscores the need to think...more

How Smart, Connected Due Diligence Systems are Transforming Third Party Risk Management

The compliance field is in the early stages of a paradigm shift on managing due diligence—moving from a data drought to a data flood. Today’s compliance manager has to figure out how to proactively and continuously manage,...more

Be Mindful of Historical Usage When Licensing Microsoft Products Under SPLA

For many companies, Microsoft's SPLA is a good fit, in that it incorporates a monthly reporting mechanism, rather than an up-front license purchase, and allows hosting providers to float their usage up or down as demand for...more

Breaking Down the DOJ Cybersecurity Unit’s Guidance on Responding to Cyberattacks

Another federal agency has weighed in with “guidance” on cybersecurity preparation and breach response. The Department of Justice (DOJ) is the latest to issue guidance on how companies should respond to data breaches. The...more

Cybersecurity Guidance for Registered Investment Advisers

On April 28, the Securities and Exchange Commission (SEC) released a Guidance Update addressing the importance of cybersecurity and the steps registered investment advisers (and registered investment companies) may wish to...more

Private Equity In Africa: Context, Opportunities, And Risks

In this issue: - Overview - Macroeconomics - Politics and policy - The practice of private equity in Africa - Opportunities for private equity in Africa - An excerpt from...more

Locke Lord QuickStudy: Investment Advisers Should “Beef Up” Cybersecurity Strategies - SEC Issues Updated Guidance

Registered investment advisers should periodically assess their cybersecurity vulnerabilities, create strategies to respond, and make sure they are making the strategies work. ...more

New Guidance from the SEC: Cyber Security Best Practices

On April 28, 2015, the U.S. Securities and Exchange Commission’s Division of Investment Management (the “Division”) issued a Guidance Update to investment and fund advisers on the topic of improving cyber security. While it...more

European M+A News, Spring 2015

In This Issue: - European M&A Dos and Don’ts for Non-European Buyers - Current Developments Prospects of a Trade Agreement Between the EU and Japan - Noteworthy Deals Intel Buys German Chipmaker...more

SEC Updates Guidance on Cybersecurity

Emphasizing the critical importance of cybersecurity to registered investment companies (RICs), including insurance separate accounts and business development companies, and to investment advisers, the SEC’s Division of...more

Addressing Cybersecurity Oversight in Audit Committee Charters

Cybersecurity continues to emerge as a key risk that is attracting the attention of regulators and boards of directors. Companies take different approaches regarding how the board fulfills its oversight duty with respect to...more
