Transforming Risk into Confidence: A PwC podcast series

As many organizations embrace a post-pandemic hybrid work model, CROs and other senior risk leaders need to manage new risks. In this podcast we'll discuss the regulatory and compliance challenges that the new hybrid work environment brings, and how companies can reimagine their approaches to risk to drive sustainable growth and adapt to this new way of working. Moderator Joe Nocera, PwC's Cyber & Privacy Innovation Institute Leader, is joined by Tiffany Gallagher, Health Industries Risk and Regulatory Leader, and Tom Snyder, Financial Services Risk and Regulatory Leader. We discuss the following questions:01:10 - From a risk perspective, what are some of the challenges that the hybrid work environment brings? 02:53 - We've seen some of the benefits of remote work, but what are the opportunities in a hybrid model?05:02 - We know that 62% of risk leaders plan to manage third-party engagements through increased leverage of data and automation. Can you tell us more about the new ways of working in a hybrid work environment?   06:27 - What surprised you with this shift?09:14 - Any key takeaways? What should companies keep in mind as they make the shift?

In this episode of PwC's podcast series, Transforming Risk into Confidence, moderator Elizabeth McNichol is joined by Lauren Massey and Jill Pavlus, all principals in PwC's Cyber, Risk and Regulatory practice.They share an exciting development in the Cyber, Risk and Regulatory space, where our leaders in tech and automation have teamed up with controls and compliance specialists to develop a solution to bring our clients into the tech-enabled future by leveraging intelligent controls to help increase efficiency and lower cost of compliance across sectors and across organizations.We discuss the following questions:(01:34) - What is an intelligent control?(02:46) - What trends in the market can intelligent controls solve for?(04:26) - What is the intelligent controls diagnostic function?(07:01) - How is this a more streamlined way of testing as an output of the diagnostic?(09:15) - What's in it for the client's organization to leverage PwC's intelligent controls solution?(11:07) - How has the intelligent controls solution helped clients in real world examples?https://www.pwc.com/us/en/services/consulting/risk-regulatory/podcasts/intelligent-controls-solution.html

In this podcast we talk about how cybersecurity executives can find the balance between improving security, resilience and trust, and being a good steward of the cybersecurity budget. Moderator Jane Allen, a Principal in PwC's Cybersecurity, Privacy and Forensics practice is joined by Joe Nocera, PwC's Cyber & Privacy Innovation Institute Leader, and Jim Fox, a Principal in the practice.We discuss the following questions:(01:14) - From your discussions with clients, what have they been most worried about? What's keeping them up at night?(02:40) - What are the common pitfalls when addressing the mandate of reducing expenditures?(04:22) - What's the best approach for companies to help prioritize spend, especially at a time when companies' cybersecurity needs may be shifting as a result of the pandemic?(06:10) - How do you take this mandate and use this as an opportunity to transform your cybersecurity strategy?(07:24) - Any key takeaways with this environment and all the pressure that CISOs have on them that are quite unique right now?https://www.pwc.com/us/en/services/consulting/risk-regulatory/podcasts/secure-transformation-cost-optimization.html 

We are sharing an episode from PwC's What's next in Cyber? Podcast Series. Moderator Joe Nocera, Cyber & Privacy Innovation Institute Leader, is joined by Matt Gorham, a senior fellow of the Institute and former Assistant Director of the FBI's cyber division, and Dr. Erica Borghard, Senior Director, US Cyberspace Solarium Commission.They share their perspectives on the importance of the public and private sector collaboration and why C-suite executives may draw on the seriousness with which the government is approaching cybersecurity.We discuss the following questions:(00:58) - Why is it important now more than ever, for the public and private sector to work together in preventing cyber attacks?(02:34) - What is the Solarium Commission? What is the primary goal of Solarium?(4:52) - Can you tell us more about what exactly cyber deterrence means?(07:34) - What can we expect from the Biden administration in the next 12-18 months? How can it support and enable the private sector?(11:01) - Where can the private sector benefit from working with the public sector? Why do you think there is still some reluctance in doing so?(19:55) - You have always said that cybersecurity is a team sport. For the private sector to be an effective team player, what steps should they take to collaborate with federal agencies?(22:06) - Key takeawayshttps://www.pwc.com/us/en/services/consulting/risk-regulatory/podcasts/collective-cyber-defense.html 

In this episode, Seth Rosensweig, Partner and National Digital Risk Compliance and GRC Leader with PwC is joined by Jeff Easley, AVP of Risk & Compliance solutions at USAA and Meris Yee Director in PwC's Risk and Regulatory practice specializing in integrated risk and GRC. In this discussion, they are chatting with Jeff about USAA's strategic Integrated Risk Management and GRC transformation and how it is helping to future proof risk and compliance for the organization.We discuss the following questions:(1:12) - Where did enterprise GRC start at USAA, what triggered the modernization, and where are you now?(1:58) - How are you managing stakeholders and bringing them together to really transform and integrate GRC for the company?(5:25) - What are you seeing in terms of future proofing, and your journey towards sustainability?(11:01) - What are some challenges around data strategy and enabling a sustainable GRC?(15:52) - What are your greatest hopes and greatest fears around this transformation?https://www.pwc.com/us/en/services/consulting/risk-regulatory/podcasts/integrated-risk.html

In this episode, Chris Cook is joined by Monica Nayar and Ed Jasitias to discuss the emerging trends revealed from PwC’s 2020 M&A Integration survey and what companies and board of directors should be focused on now to capture deal value. We discuss the following questions:(1:30) - What are we seeing from the 2020 PwC M&A integration survey in terms of deal trends? (3:26) - What have we seen in the survey about integration success and what might be different from prior years?(5:08) - What is important from a risk and regulatory standpoint and what areas are companies really focused on?(6:26) - What did the survey indicate in terms of trends and actually achieving deal value?(11:00) - What did the survey reveal about how people are embracing change and managing change related to a deal? https://www.pwc.com/us/en/services/consulting/risk-regulatory/podcasts/ma-integration-risk-insight.html

In this episode, Fran Grabowski joins Tiffany Gallagher to discuss the new healthcare interoperability rules, the top risk and compliance concerns for consumers, payers and providers, and the case for organizations to treat this as a strategic opportunity.We discuss the following questions:1:18 - What is interoperability and what are the goals of the new rules?4:03 - What are the top concerns and challenges and how do we expect them to be regulated?7:29 - What are the effects these rules will have on payers vs providers? 13:09 - What are some particular opportunities and risks that organizations are typically overlooking? 15:58 - What important messages were outlined in PwC’s recent thought leadership titled “The new healthcare interoperability rules: A risk and compliance perspective”?https://www.pwc.com/us/en/services/risk-assurance/podcasts/healthcare-interoperability-digital-transformation.html

CEOs are facing increasing pressure to show progress around diversity, equity and inclusion (DEI) and, now, social justice. But many companies are unprepared to meet the demands for greater transparency into their DEI strategy. In this episode, Sheri Wyatt joins Kevin O'Connell to talk about the importance of an effective DEI strategy, the challenges many organizations are facing and steps they are taking to meet those challenges.We discuss the following questions:0:38 - Why are companies starting to focus on diversity, equity and inclusion now?2:41 - Who should be involved in the discussion?4:55 - What are companies struggling with the most in this space?7:18 - Why is getting the data and the story so important?10:05 - What steps are companies taking now and how should they begin focusing on diversity, equity and inclusion?https://www.pwc.com/us/en/services/risk-assurance/podcasts/esg-diversity-equity-inclusion.html

Recent market volatility has led to heightened regulatory scrutiny of the integrity of index data. In this episode, Wes Bricker joins Beth Savino to talk about the rise of index investing, and how asset managers can drive transparency while navigating the regulations being implemented to ensure the market functions as designed.We discuss the following questions: 0:40 - What is the current landscape around index investing, and what strategies and challenges have emerged?3:37 - Why are regulators becoming more interested in index investing?6:18 - What do these new regulations mean for asset managers?9:39 - How are we approaching issues in the index transparency space and what are the next steps?

Investors want to know that energy companies are thinking about the appropriate ESG risks and opportunities, and incorporating those topics into the company's strategy. In this episode, Kevin O’Connell and Chuck Chang highlight those risks and opportunities and offer advice to help them to improve their ESG results.We discuss the following questions:0:36 - What are some broad trends in ESG?1:43 - Why is ESG important to the energy sector?3:11 - Why are investors voicing their concerns over ESG and what are they looking for?5:09 - How mature are the sustainability practices in the energy sector?7:01 - What advice do we have for companies to improve their ESG results?https://www.pwc.com/us/en/services/risk-assurance/podcasts/esg-energy.html

ESG is front and center for boards and leadership teams in the banking and capital markets sector. In this episode, Kevin O’Connell invites Matt Giordano and Corey Merrill to delve into ESG, it’s impact on this industry and what banks are doing to remain competitive.We discuss the following questions:0:36 - Why is it the time for banks to put ESG at the forefront?2:33 - What are banks doing from an ESG perspective to remain competitive?3:40 - How have banks played a catalyst role with ESG?6:16 - What are some of the key ESG factors impacting the banking and capital markets sector?7:26 - How do banks navigate material factors, metrics and disclosures?8:15 - How are banks integrating risks, such as market, credit and operational risks, into their frameworks?10:43 - What are the biggest lessons we’ve learned about the ESG journey?https://www.pwc.com/us/en/services/risk-assurance/podcasts/esg-banking-capital-markets.html

Regulatory complexities continue to grow, while the pace of new products and services has accelerated and innovation and regulatory technology (RegTech) solutions are becoming commonplace. In this episode, Matt Shelhorse joins Chad Gerhardstein to discuss the need for compliance program effectiveness in this environment, including the key compliance elements and trends in this remote and virtual environment.We discuss the following questions:1:10 - What is compliance effectiveness as we refer to it?2:07 - What are some of the broader trends around compliance, specifically in this heavily remote and virtual environment?5:14 - Where do you see heightened risk and regulatory focus shifting over the next 12 to 18 months?7:57 - How is the existing use of technology and the potential new uses driving change for compliance programs?11:05 - How are we seeing organizations react to and prepare for the recent DOJ sentencing guidelines?15:06 - Is now the right time for initiating new compliance projects and rethinking the overall compliance strategy as well as transformation?

In this episode, Vrushali Gaud joins Kevin O’Connell to discuss ESG priorities for technology companies, and how they are addressing the challenges and risks associated with stakeholder demands and commitments.We discuss the following questions:0:36 - What is ESG and how are technology sector companies prioritizing it?4:07 - What areas of ESG are top of mind for the technology sector? What commitments are tech companies making?7:57 - What challenges are companies in the technology sector facing?9:51 - How are companies addressing those challenges?11:30 - What role does technology play in being an enabler for ESG beyond the sector?https://www.pwc.com/us/en/services/risk-assurance/podcasts/esg-technology.html

In this episode, Jenn Kosar joins Kevin O’Connell to discuss the importance of ESG in the Insurance sector, what investors and regulators are expecting, and how top global insurers are implementing ESG strategy.We discuss the following questions:0:34 - Why is ESG (Environmental, Social and Governance) so important to the insurance sector?2:20 - How mature are the ESG strategies of the top global insurers?4:45 - What do investors want and what are insurers disclosing? What ESG issues should insurers prioritize, considering stakeholder importance and business value?6:07 - How will climate change impact insurers?8:44 - What is the view of the US and international regulators on ESG and what are their expectations for insurers?11:00 - If there are currently no mandates in the US, why should insurers obtain independent assurance over their ESG activities?https://www.pwc.com/us/en/services/risk-assurance/podcasts/esg-insurance.html

In this episode, Jennifer Lendler discusses how the pandemic has impacted companies' use of artificial intelligence (AI) and how they can navigate these complexities and build trust in their AI. We discuss the following questions: 0:30 - How has the artificial intelligence landscape evolved in our ever-changing world? 3:01 - Where do you start on this journey to protect and build trust in your AI? 4:28 - What are some questions, focus areas and key activities for anyone that owns or uses AI to consider? 6:49 - What do you need as a roadmap for these changing times? 8:44 - What are some key takeaways around building trust in AI? https://www.pwc.com/us/en/services/risk-assurance/podcasts/artificial-intelligence-oversight.html

In this episode, Monica Nayar and Mike Bellin join Eric Watson to discuss special purpose acquisition companies (SPACs), which are generating a lot of activity in the market. They explain the complexities and challenges and the actions that should be considered as companies navigate towards successful mergers when looking to go public.We discuss the following questions: (below times are dependent on further audio edits)0:50 - How does a SPAC work?2:15 - What are the advantages of a SPAC for a private company?2:49 - How is the merger timeline impacted in this process and what are the challenges companies are facing due to this?6:46 - What are the control challenges in SPAC transactions?8:56 - How are technology and analytics helping companies move through SPAC mergers?12:13 - What are the first steps when a company is looking to undertake this transaction?https://www.pwc.com/us/en/services/risk-assurance/podcasts/spac-merger-deals.html

In this episode, Ryan Folscroft joins Kevin O’Connell to discuss how environmental, social and governance (ESG) factors are impacting the four quadrants of the asset and wealth management (AWM) industry, and how firms are finding operational and commercial value.We discuss the following questions:0:35 - What is ESG and how is it impacting the asset and wealth management industry?3:05 - Are firms finding real operational and commercial value to ESG?5:43 - What are three current hot topics in ESG and the asset and wealth management industry?8:54 - How are companies addressing industry demands and how is PwC helping?12:58 - Based on the current market demand, what is the future vision surrounding ESG?15:03 - What is one key takeaway for our listeners?

Joe Sousa joins Kevin O'Connell to discuss the benefits of data lake technology, and the importance of implementing proper governance standards to help manage the risks associated with this technology.We discuss the following questions:0:36 - What is a data lake?1:42 - What are some of the benefits of data lake technology?2:56 - How are data lakes being leveraged by organizations today?4:56 - How can we ensure data lakes do not get polluted?6:29 - How are organizations establishing trust and transparency for the various stakeholders when they're using a data lake?

Companies are increasingly providing their customers more access to data, but how do they know they can trust the data? In this episode, Treesha Govender joins Kevin O'Connell to discuss the importance of providing assurance over data management controls given the increasing demand from regulators and customers.We discuss the following questions:0:36 - What are the key drivers for more extensive assurance over data management controls?2:32 - When should a company think about obtaining assurance over these controls and what framework should they consider using?4:00 - What are the key areas of data governance that companies should focus on?5:06 - What are the benefits of doing a risk assessment of your critical data?5:52 - What are some key takeaways when looking to start this journey?https://www.pwc.com/us/en/services/risk-assurance/podcasts/data-management-controls-assurance.html

In this episode Stephen D'Arcy joins Erik Nolte to discuss the potential for intelligent controls automation to reduce the cost of compliance and improve quality and confidence in your controls environment. We discuss the following questions: 0:41 - What is intelligent controls automation? 1:56 - What is an example of how it plays out in practice? 3:59 - What are some of the main benefits companies can expect from this solution and what is some of the feedback we’ve heard? 6:08 - What are the drivers that are pushing companies to leverage this automation approach? 8:17 - Are intelligent automation controls relevant to all companies?www.pwc.com/us/en/services/risk-assurance/podcasts/intelligent-controls-automation-compliance-cost.html

In this episode, Marie Hache joins Kevin O'Connell to discuss the risks associated with communicating ESG claims and commitments made during the COVID-19 pandemic, and the importance of aligning those commitments with your organization's purpose and value.We discuss the following questions:1:49 - With many companies having financial difficulties in the current situation, is ESG still relevant in today’s world?2:47 - Research shows that funds and indices designed with an ESG focus have been outperforming more traditional ones. Are both regulators and customers showing increased interest?4:27 - How do we expect COVID-19 will impact the way companies address ESG and how they demonstrate their value and purpose?6:15 - What are the examples of key considerations to keep in mind related to external disclosures and commitments in the context of COVID-19?7:14 - How could having a multidisciplinary committee in place help mitigate some of the risks?8:44 - Is employee engagement important in meeting these commitments?

In this episode, Julie Holden and Michael Isaac join Lillian Borsa to discuss re-thinking resiliency and the steps you can take now to strategically revise your business continuity management (BCM) program in the wake of COVID-19.We discuss the following questions:2:11 - How do you define business continuity management?3:04 - What are some key lessons that organizations experienced during the pandemic and what they should be thinking of and doing to be better prepared going forward?4:40 - What should organizations be thinking about and doing going forward?9:27 - How are we seeing companies use technology to enable their response?https://www.pwc.com/us/en/services/risk-assurance/podcasts/rethink-resiliency-business-continuity-covid-19.html

In this episode, Elizabeth McNichol and Carrie Duarte join Jill Pavlus to discuss how data and technology help you manage your operational risks as you implement and monitor your return to work strategy. We discuss the following questions: 0:57 - What areas are organizations focusing on when it comes to de-risking their return to work plans? 4.49 - What are some ways that we are helping our clients with their return to work strategies? 8:08 - Sharing a recent example, how does this all fit together? 10:44 - How are we seeing our clients leverage technology? 11:47 - Can you use an existing GRC technology for this monitoring and framework enablement? 12:44 - How does this environment provide us an opportunity to rethink how de-risking can result in a reduction in cost?https://www.pwc.com/us/en/services/risk-assurance/podcasts/derisk-return-to-work-technology-data.html

In this episode, Michelle Hubble joins Mike Maali to discuss the focus areas and process to successfully manage a SOX compliance change management program.We discuss the following questions:0:37 - What do organizations need to consider when managing their SOX change process?2:08 - How important is scoping the SOX program first?6:01 - How important is digitally upskilling a SOX program?6:48 - How should you engage stakeholders as you begin to lay out the digitization journey?10:15 - Why should you engage with external auditors in a more informed way while going through this change?

In this episode, Jaime Phillips and Jeff Sorensen join Michelle Hubble to discuss the four key pillars to digitizing a SOX compliance program and how to address the associated challenges.We discuss the following questions:0:41 - Why do organizations need to focus on the entire program when looking to digitize a SOX program?2:20 - What are the four key pillars that are important when digitizing a SOX program and the challenges around them?8:18 - What are companies tangibly doing to address these challenges?9:14 - As these technologies are not one size fits all, how should organizations think about the technologies and processes as well as the impact they will have?10:55 - How is a control owner going to benefit from SOX digital capabilities?12:55 - How much time should it take to make sure the business requirements are set before starting to think about technology solutions?14:39 - How can you start using these new digital skills when wanting to test manual controls, automated controls or IT general controls differently?16:14 - What are some additional takeaways when looking to digitize your SOX program?https://www.pwc.com/us/en/services/risk-assurance/podcasts/pillars-digitize-sox-compliance-program.html

In this episode, Michelle Hubble and Jaime Phillips join Mike Maali to discuss how to rethink your SOX compliance program.We discuss the following questions:0:37 - Why is now a good time to rethink your SOX program?1:13 - As controllers are taking greater ownership of full programs within an organization how does that align with the organization’s objectives?2:38 - How do transformations throughout the organization impact controls and SOX?3:52 - What does a SOX transformation look like?5:06 - What are the expected benefits of a SOX transformation?7:10 - What are key things organizations should do when planning to rethink their SOX program?

In this episode, Lauren Massey and Dhiraj Malhotra join Mike Maali to share a real example of how one company got started with internal audit transformation and the tactical next steps you can take to bring this model to life. We discuss the following questions: 0:46 - What activities can help you pull together all of your needs to begin your internal audit transformation? 3:25 - What stakeholders are normally involved in this type of activity? 6:07 - What are typical outputs that come out of this type of activity? https://www.pwc.com/us/en/services/risk-assurance/podcasts/internal-audit-transformation-steps-case-study.html

In this episode, Gena Wilson joins Kevin O'Connell to discuss how to navigate the risks and challenges associated with migrating to the cloud while continuing to drive trust and transparency to stakeholders.We discuss the following questions:0:44 - Should companies be doing more to confirm the cloud environment they are using is sufficiently secured? 1:34 - What other risks are associated with cloud computing and how can companies manage them? 2:49 - How to maintain control and oversight within the cloud environment? 5:06 - What are we seeing from a regulatory and compliance requirement perspective? 6:33 - How are companies handling requests from their clients around cloud computing? 7:19 - What are companies with SOC reports considering moving to the cloud thinking about? 8:43 - What are some key takeaways when thinking about migrating to the cloud?https://www.pwc.com/us/en/services/risk-assurance/podcasts/cloud-risks.html

In this episode, Jenna Switchenko joins Kevin O'Connell to discuss how critical it is for organizations to maintain proper controls and governance when implementing robotic process automation (RPA) and intelligent automation to scale.We discuss the following questions:0:32 - What are we seeing broadly from an adoption and use perspective of RPA?1:15 - What should we be concerned with when thinking about scaling my RPA tools in the organization?3:57 - How would you recommend introducing bots and their controls into SOC reports?4:44 - What are the pros and cons of hybrid governance models and federated governance models?6:34 - What are the risks associated with the creation of citizen-led automations?9:40 - What are some key takeaways around managing RPA and intelligent automation risks?https://www.pwc.com/us/en/services/risk-assurance/podcasts/rpa-intelligent-automation-risks.html

In this episode, Dhiraj Malhotra joins Mike Maali to discuss how internal audit can shift to a more proactive risk focus through a data-enabled risk assessment process to develop continuous risk sensing capabilities.We discuss the following questions:0:50 - How might the risk assessment process change as the internal audit evolves?4:25 - What is the importance of linking the single source of truth to business issues?5:20 - What types of tools and capabilities will internal audit need to create these risk sensing capabilities at scale?7:43 - How often does this capability need to be reviewed or monitored?10:30 - What capabilities will internal audit need to interpret the results and act on them?12:03 - What is the ideal process to initially set up this data platform and who should be included?15:37 - What are key takeaways for organizations to think about?https://www.pwc.com/us/en/services/risk-assurance/podcasts/continuous-risk-sensing.html

In this episode, Lauren Massey joins Brian Schwartz to discuss steps organizations can take to maximize risk coverage, create efficiencies and drive stronger risk insight.We discuss the following questions:1:04 - What do we mean "the whole is greater than the sum of the parts" in the context of risk function collaboration and how is it beneficial? 2:53 - What are we seeing risk functions do to try to optimize one another and what are some starting points? 4:47 - How important is digital transformation as part of the optimization of a risk function? 6:18 - What are other steps risk functions can take besides digitization? 7:32 - How does an organization’s brand factor into their transformation and optimization efforts? 8:19 - What are some key takeaways for those looking to optimize the value of their risk functions?https://www.pwc.com/us/en/services/risk-assurance/podcasts/2020-global-risk-study-optimizing-risk-functions-collaboration.html

In this episode, Rich Reynolds joins Seth Rosensweig to discuss the challenges organizations face as the compliance controls testing and monitoring activities within the lines of defense continue to evolve.We discuss the following questions: 0:34 - What are some of the challenges around controls testing and monitoring that we’re seeing now? 3:03 - How can we get past the difficulties of testing the tester’s tester to provide assurance? 6:15 - Is there a clear understanding of the differences between monitoring, testing and other associated activities? 10:03 - What should you consider when thinking about the different ways to test and monitor your controls? 12:07 - How important is it to have the infrastructure to properly integrate data and analytics into your controls testing and monitoring program? 16:13 - What do you think the compliance organization of the future will look like as it comes to testing and monitoring? https://www.pwc.com/us/en/services/risk-assurance/podcasts/controls-testing-monitoring.html

In this episode, Travis Ringger joins Brian Schwartz to discuss the practical actions risk functions can take to lay a foundation for better collaboration and risk insight. We discuss the following questions: 1:08 - Why do only a small percentage of companies feel they have the right technology and tools needed to manage risks today? 2:35 - What are some of the non-technological, foundational steps that organizations need to take for better collaboration? 4:37 - What do you see risk functions doing to improve their risk data, are they building common data sources and do they understand what to do with the unstructured data? 6:46 - What are the difficulties and misconceptions associated with building one single source of truth? 9:33 - What are the appropriate steps for a company to take to move toward a more common technology platform? 11:55 - What is your advice for risk functions that don't foresee being able to invest in a common technology? 13:45 - What are some key takeaways for those looking to increase collaboration between risk functions? https://www.pwc.com/us/en/services/risk-assurance/podcasts/2020-global-risk-study-risk-collaboration-foundation.html

In this episode, Jaime Phillips joins Brian Schwartz to discuss what senior executives and board members can do to promote greater risk function collaboration and develop a shared risk insight.We discuss the following questions:1:11 - Why, in many instances, are senior executives and board members not aligned on where the accountability for risks lie?2:47 - What are companies doing today to make sure that risk accountability is crystal clear?4:02 - Are board members and senior executives receiving a consolidated view of risk across the enterprise from risk function executives and is that trend changing?5:09 - What are some specific actions boards and senior executives can take to drive greater risk function collaboration?7:02 - How can the risk management program itself help drive better risk function collaboration?https://www.pwc.com/us/en/services/risk-assurance/podcasts/2020-global-risk-study-risk-accountability.html

In this episode, Matt Giordano and Michael Zelwin join Kevin O'Connell to discuss how companies can effectively manage the challenges in providing third party assurance reporting to multiple stakeholders.We discuss the following questions: 0:41 - Why is it important for organizations to have a pulse on their commitment to third parties? 2:44 - What are the challenges organizations would face in implementing a program to respond to their client and third-party requests? 4:27 - What are the key aspects organizations should consider when they start to build an integrated assurance program? 7:57 - How are organizations incorporating technology into their integrated assurance programs? 10:57 - What are some key takeaways for those looking to create an integrated assurance program?https://www.pwc.com/us/en/services/risk-assurance/podcasts/integrated-assurance-third-party-reporting.html

In this episode, Jennifer Lendler joins Kevin O'Connell to discuss the steps organizations can take to build trust and transparency when integrating artificial intelligence.We discuss the following questions: 0:36 - What are the pieces of artificial intelligence (AI)? 1:48 - What are some of the issues with trust and how is it affecting businesses thinking about AI? 4:20 - What are some concerns you are seeing with AI adoption? 5:56 - What can organizations do and what questions should they ask when looking into AI? 9:26 - What conversations are you having around AI, especially around developing controls frameworks? 12:02 - What are some key takeaways to think about when considering incorporating AI in your organization? https://www.pwc.com/us/en/services/risk-assurance/podcasts/building-trust-ai.html

In this episode, Mike Maali joins Brian Schwartz to discuss the results, implications and opportunities from PwC's 2020 Global Risk Study, in which a major theme uncovered was the need for better risk function collaboration as risks become more complex and interconnected.We discuss the following questions:1:08 - Why is collaboration becoming such an imperative for risk functions today?3:17 - What can happen if risk functions do not collaborate?5:15 - Where are most risk functions on collaboration journey today?7:02 - Why is it difficult to break down the silos between risk functions to get on their journey?10:18 - What are some of the tangible benefits when risk functions are collaborating?11:44 - What pragmatic actions should companies take to increase risk function collaboration?https://www.pwc.com/us/en/services/risk-assurance/podcasts/2020-global-risk-study-risk-visibility.html

In this episode, Gagan Reen joins Elizabeth McNichol to discuss the digital maturity journey organizations are on and the impact certain technologies have on risk management processes.We discuss the following questions:0:47 - How is PwC innovating to address customer pain points in risk management processes?1:24 - As it relates to one of PwC's defined eight essential technologies, what is automation?3:00 - How are companies upskilling efforts reacting to the interactions with automation and how is that affecting the people side of the workforce?6:06 - What has been happening with regard to the adoption of artificial intelligence in the risk space? 8:53 - How are companies creating Centers of Excellence to centralize the governance and management of automation?10:03 - How does PwC's Enterprise Insights and team help clients assess and handle the risk within their system's data?18:01 - How should organizations begin the journey? What is the first step?

In this episode, Brigham McNaughton joins Kevin O'Connell to discuss how investors are accelerating their focus on environmental, social, and governance (ESG) factors and the challenges that creates for corporate reporting.We discuss the following questions: 0:36 - What is ESG and what trends are driving the momentum? 2:36 - What are the investors looking for with regard to ESG and what are they most concerned about? 4:54 - What are companies doing to shift operations to focus more on ESG issues? 6:37 - How should a company start the process and who should be included in the discussions? 8:29 - What are some important topics needed in these discussions? 9:23 - How is PwC helping clients build trust in this space? 11:18 - What are some key takeaways to consider around ESG?For more information, read our blog "Can your organization address mounting investor scrutiny over ESG disclosures?"Here is IDC's article "Stakeholder-focused approaches to creating a sustainable business - Part 1: PwC helps clients address investors' demand for improved ESG reporting."https://www.pwc.com/us/en/services/risk-assurance/podcasts/esg-corporate-reporting.html

In this episode, Lauren Massey joins Mike Maali to discuss the changes to the internal audit approach and how internal audit will look and feel different after transformation.We discuss the following questions: 0:44 - How will internal audit transformation change the way that we address risk?1:55 - What implications will this have for reporting to the Audit Committee and executive management and other forms of reporting?3:36 - What’s the difference between an audit spectrum and the traditional audit plan?6:11 - How are the organization's enterprise risk management process and 3 lines of defense working together to play an important role in this transformation?9:25 - What are some key takeaways to consider when companies are going down their own internal audit transformation journey?https://www.pwc.com/us/en/services/risk-assurance/podcasts/rethinking-internal-audit-approach.html

In this episode, Lauren Massey joins Mike Maali to discuss next-gen internal auditor profiles and the impact that digital skills and collaboration will have on internal audit transformation. We discuss the following questions: 0:45 - How is the internal auditor skill set changing? 2:50 - What does the next-gen internal auditor career progression look like? 4:53 - How are companies, including PwC, going through the process of upskilling current staff? 8:30 - What are the recruitment aspects of the talent strategy and the changes we are seeing for internal audit?

In this episode, Jennifer Lendler and Mike Shipham join Bob Clark to discuss the significance of Agile and DevOps in the workplace today and how they are impacting governance, risk and compliance during a digital transformation.We discuss the following questions: 0:57 - What is Agile, its background and where is it being used? 3:00 - How do you compare Agile and DevOps and why are they such a hot topic now? 4:49 - How are governance quality and risk management managed by Agile and DevOps? 6:16 - What is needed to achieve a greater level of control through these systems? 8:19 - Who are some of the other stakeholders that need to think about this in the organization? 10:01 - What do the successes with Agile and DevOps look like? 11:48 - What does an organization need to successfully evolve to adapt Agile and DevOp principles? 14:17 - What are some key takeaways when considering Agile and DevOps?http://www.pwc.com/us/en/services/risk-assurance/podcasts/agile-devops-digital-transformation.html

In this episode, Lauren Massey and Dhiraj Malhotra join Mike Maali to discuss internal audit’s new value proposition and why now is the right time for internal audit to transform.We discuss the following questions:0:56 - Why is now the time for fundamental transformation in internal audit?3:45 - What does internal audit transformation look like?6:18 - How will risk sensing allow us to change the way we think about and assess risk?8:34 - How does this transformation affect the people within the organization?10:11 - What are some key takeaways to consider when getting started with your internal audit transformation?https://www.pwc.com/us/en/services/risk-assurance/podcasts/transform-internal-audit.html

In this episode, Carolyn Holcomb joins Kevin O'Connell to discuss how organizations can build a defensible, reasonable and sustainable privacy program to withstand regulatory and legal scrutiny, and communicate that to their internal and external stakeholders.We discuss the following questions:0:38 - Why are privacy-related topics so relevant in today's business environment?2:39 - What are the common themes that organizations need to consider as they interact with personal data?4:33 - Once the program has been created, how do you enable it and who assists with that process?7:19 - What are the needs and expectations of both the internal and external stakeholders?9:54 - How are companies communicating assurance to their stakeholders?12:50 - What are some key takeaways in developing and sustaining a defensible privacy program?https://www.pwc.com/us/en/services/risk-assurance/podcasts/defensible-sustainable-privacy-strategy.html

In this episode, Jason Plummer joins Bob Clark to discuss GRC programs and technology, their key components, and how they enable an organization's strategic vision and drive sustainable value.We discuss the following questions:0:38 - What do we mean by GRC?1:36 - What are the key components to define your strategic vision enabling you to determine the best GRC technology?3:30 - How does using a single GRC platform potentially reduce the cost of compliance?6:57 - How much time and cost savings can be gained by implementing a GRC program8:40 - What should companies be considering as they start evaluating the value they can derive from a GRC program?9:59 - Are there ways companies can start small so it does not feel like such a daunting process?https://www.pwc.com/us/en/services/risk-assurance/podcasts/grc-programs-technology-strategy.html

In this episode, Jamie Draper and Gurmeet Sawhney join Bob Clark to discuss some of the opportunities and challenges associated with the transformation journey to Workday and how to build and integrate trust, privacy, security, and controls into a Workday implementation.We discuss the following questions:0:50 - What is Workday's journey and the PwC perspective around compliance within Workday?2:35 - How does the Workday architecture impact controls, design and operation?5:14 - What are some of the other challenges that clients face when they are implementing and using Workday and what solutions are recommended to help them deal with those challenges?9:55 - What are some other compliance considerations a company should address when implementing Workday?https://www.pwc.com/us/en/services/risk-assurance/podcasts/workday-security-controls.html

In this episode, Andy Evans and Amar Reddy join Bob Clark to discuss the correlation between data governance and data quality, why data governance is so critical now and the challenges and key concepts organizations should consider when implementing it.We discuss the following questions:0:49 - What is data governance and what are some of the drivers for data governance in the market?3:32 - What are some of the interdependencies of data quality and data governance and what are the challenges?4:51 - What are some of the key components of data governance?6:33 - What are some of the key concepts an organization should consider if they are trying to implement data governance?7:33 - How do you begin implementing data governance?8:50 - How do master data governance tools help organizations manage their data?10:46 - What is a key takeaway around the link between governance and quality?https://www.pwc.com/us/en/services/risk-assurance/podcasts/data-governance-quality.html

In this episode, Andrea Acciarri and Matt Wardrop join Bob Clark to discuss Salesforce and important considerations for effectively designing and implementing security in a Salesforce environment.We discuss the following questions:1:02 - In addition to Salesforce's abilities, what should companies do from a security perspective?3:01 - When looking at the regulatory and compliance issues, what are some of the things that companies need to think about around security?4:46 - What is the process of using Salesforce to address requirements either in a single or in multiple organizations?7:14 - How can companies ensure that their Security configurations continue to work properly?7:53 - What is Salesforce Shield and what value does it bring10:58 - What are the more common mistakes or challenges of a client's Salesforce security environment when seeing it for the first time?https://www.pwc.com/us/en/services/risk-assurance/podcasts/security-design-implementation-salesforce.html

In this episode, Dan Sorensen, Eric Caliendo and Miriam Shou join Bob Clark to talk about the critical role of data management in business and technology transformation, and in particular, the importance of implementing a comprehensive data transformation strategy and how to overcome data quality challenges across the enterprise.We discuss the following questions:0:57 - What's driving the demand for business and technology transformation today?2:47 - Why is having a data strategy really important in terms of driving a transformation and why is that crucial to companies as they go through these?4:01- What differences are we seeing at clients and in data quality exercises through a transformation lifecycle versus the expectation as part of normal business?6:32 - What are some of the changes in the approach as people start to prepare for transformation with data?11:15 - What is the most common mistake to advise against in terms of data and the impact it would have on a transformation?https://www.pwc.com/us/en/services/risk-assurance/podcasts/managing-data-business-technology-transformation.html

In this episode, Holly Marrs joins Bob Clark to talk about the planning process and steps to take in an SAP S/4HANA transformation that will help you address and integrate controls, security, and cybersecurity to reduce and manage risk during your transformation in an efficient and cost-conscious manner. We discuss the following questions:0:51 - In a S4/HANA transformation, what is important to think about with regard to design, controls, security and GRC?3:10 - What should you know about the new user interface, Fiori?4:17 - How should you think about GRC as you're going through your design?5:26 - What are some ways to gain improvements using S/4 and the configuration?6:48 - What are some of the capabilities you could implement with process control to help get continued assurance?7:58 - How do the options within moving to the cloud impact cybersecurity?10:10 - What does a company need to think about in terms of resourcing and planning from a controls and security in GRC perspective?11:56 - What does it mean to be agile in terms of an implementation?13:30 - What can go wrong when security and controls are not taken into account in the beginning?15:30 - What are the key takeaways when looking to embark on a transformation?https://www.pwc.com/us/en/services/risk-assurance/podcasts/sap-s4hana-transformation.html