Risk Mitigation Risk Assessment

News & Analysis as of

Best Practices for Auditing & Monitoring Your Ethics & Compliance Program

To be defensible, it’s not enough to implement a strong ethics and compliance program. Regulators expect that companies are continually auditing and monitoring their programs and internal controls. Many companies with...more

ALERT: NIST Issues Final Guidance on Federal Contractor Cybersecurity Standards for Controlled Unclassified Information

On June 19, 2015, the National Institute of Standards and Technology (NIST) published the final version of guidance for federal agencies to ensure sensitive information remains confidential when stored outside of federal...more

How Businesses Can Reduce Cyber Risk: Pre and Post Incident: Businesses Need to Take a More Proactive Approach to Reducing What Is...

As the volume of sensitive data that businesses store ever increases, the use of mobile devices continues to grow and cyber villains become ever more sophisticated, it is perhaps of no surprise that we hear about new...more

Cyber-Attacks: Threats, Regulatory Reaction and Practical Proactive Measures to Help Avoid Risks

I. Cybersecurity; Its Importance and Relevance – How We Got to Where We Are Today - In the past few months, the White House, Home Depot, JP Morgan, Hard Rock Hotels, Tesla, the St. Louis Federal Reserve, the Internal...more

Top Three Cybersecurity Misconceptions [Video]

Cybersecurity is an issue that should be top-of-mind for all companies. But there are three misconceptions about cybersecurity that can put companies at significant risk. In this video, Foley Partner Michael Overly discusses...more

Assessing Your Approach To Compliance Risk Management: Compliance Programs Should Be Risk-Based — Here's How You Get There

Risk assessments are one of the first steps on the path to an effective risk-based compliance program, but it’s how you continue to manage and mitigate risk that truly determines if your program is successful. Kwamina...more

Addressing Environmental Issues in Real Estate Development [Video]

Dealmakers sometimes overlook environmental issues when negotiating transactions, leaving important business and legal issues unaddressed until they inevitably pop up shortly before closing and send everyone scrambling. This...more

Outsourcing by Canadian Companies after the USA PATRIOT Act

Wondering about outsourcing your data to the U.S.? What follows is an update to one of our most popular posts: Outsourcing by Canadian Companies: Another Look at the USA PATRIOT Act, originally written in January 2013....more

Survey Finds Companies More Prepared to Combat Global Corruption

The international community has made significant strides in combating corruption, with a proliferation of anti-bribery laws putting companies under pressure to ensure they — and their business partners — are able to detect...more

Technology in Healthcare [Video]

From the 2015 PLUS Medical PL Symposium session “Technology in Healthcare: EHRs & PHI,” moderator Patricia Marzella-Graubert (Swiss Re American Holdings Corporation) and panelist Alexander Grijalva (New York Presbyterian...more

A Deeper Dive: Risk Assessments Are a Necessary Step in Creating Layered Cyber Defenses

Tens of thousands of cyber attackers employed by Chinese People’s Liberation Army and other employees and contractors of the Chinese Ministry of State Security work diligently every day to steal information from U.S....more

8 Strategies for Compliance Risk Management: How to Fortify Your Efforts, Reduce Risk and Increase Confidence in Your Program

As a compliance practitioner, your goal is to design and oversee a program that’s comprehensive enough to mitigate risk, strong enough to address issues that occur (because they always can, and will) and robust enough to...more

Strategies For Businesses Protecting Electronic Data Within California

Businesses in California have a number of tools with which to fight off unauthorized intrusions into their electronic data whether perpetrated by employees, former employees, disreputable competitors or random hackers....more

Corporate Risk Ownership: When There are Multiple Teams Involved, Who Owns What?

“We have a enterprise risk management team. Where does their role end and ours begin?” That’s a common question as compliance teams mature their programs into risk-based approaches. The truth is, compliance risk...more

Fighting Back: Identifying Risks Posed by an Angry Current or Former Employee

Something lost is always in the last place you look (by definition). It can also sometimes be in the first. Although technology has made it possible for outsiders to manipulate and infiltrate your company’s systems...more

Wall Street and Ethics

I have to confess that there is a part of me that was skeptical about a new survey released last week finding that banks and other financial institutions have not embraced a culture of integrity. Indeed, the survey found...more

Four Security Gaps Cybercriminals Exploit in Your Business's Digital Storefront

Symantec, the American IT security company, recently released its 2015 Internet Security Threat Report that summarizes the number and types of threats and vulnerabilities seen in 2014. The report also analyzes trends and...more

Blue Pill/Red Pill: How Officers and Board Members Can Swallow the Red Pill and See the Real World of Cybersecurity

Trying to understand how a hacker thinks can twist your brain around – while you normally think about how to make something work or why something is not working, hackers think how to get something to work in ways that it is...more

Tea Leaves from AAG Caldwell on An Effective Compliance Program

The government is on a public relation campaign. Department of Justice and SEC officials have been making the rounds and giving important speeches on criminal prosecutions, cooperation and voluntary disclosure and ethics and...more

Emergence of Transgender Status Issues in Workplace Raises Compliance Questions for Employers

Transgender issues have been grabbing headlines in recent months—perhaps most notably with Bruce Jenner’s televised announcement about his gender transition. Beyond the bright lights of pop culture, a wave of litigation and...more

Guidance for Incident Response Plans  

Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response...more

To Err Is Human; to Indemnify, Divine?: Human Foibles in the Cloud

BakerHostetler’s inaugural Data Security Incident Response Report (the “Report”) concluded that employee negligence and theft were two of the top five causes of data security incidents for the more than 200 incidents that we...more

Why Reputation Risk is Quickly Climbing the Ethics and Compliance Priority List, Part 3 | Beyond Compliance Training

So far in this series, we’ve discussed why companies are adopting a more public focus on ethics and compliance, how reputational risk can impact a company and its brand, and the first three elements of a five-part framework...more

Cloud Computing Contracts Top Issues for Healthcare Providers

In this Issue: - Summary - Overview - Cloud - Use - Security - Privacy - Functions - Availability - Performance - Location - Services -...more

The BakerHostetler Data Security Incident Response Report 2015

The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 “the year of the breach.” Most incidents are described publicly with attention-grabbing terms such as...more

99 Results
|
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×