Podcasts about Operational risk

In this special episode of the ORX Operational Risk Podcast, Steve Bishop (Research and Information Director, ORX) is joined by Luke Carrivick (ORX Executive Director) and Roland Kennett (Client Success Director, ORX) to share their highlights from LeadersConnect Live 2025. Recorded during the event in New York, this episode covers topics such as: The importance of communication for good operational risk management Takeaways from a Chief Risk Officer (CRO) panel Third party and an extended ecosystem Frameworks and governance For more highlights from the event, check out our blogs: Day 1: https://orx.org/blog/leadersconnect-live-2025-day-1-highlights Day 2: https://orx.org/blog/leadersconnect-live-2025-day-2-highlights About LeadersConnect Live LeadersConnect Live is our premier, in-person, invitation-only event for senior leaders from ORX member firms. It provides an opportunity for Heads of Operational Risk and Heads of Non-Financial Risk to discuss future of operational and non-financial risk (ONFR) and learn about important topics. The 2025 event took place in New York on 20-21 May. To find out more about LeadersConnect Live 2025, visit the event page: https://orx.org/events/leadersconnect-live-2025  

In this episode, the ORX Research and Information Team explore the results from the recent ORX Operational Risk Horizon and Cyber Horizon surveys. These surveys were run with a group of global banks and insurers and look at the biggest risks facing financial services firms in the coming 1-3 years. Key themes discussed from the studies include: An increasingly connected risk landscape The dominance of digital, AI and geopolitical themes Cyber risk continuing to be the top risk The rise of third party and supply chain risk This episode features Steve Bishop, Research and Information Director, Simon Johnson, Head of Services, Emilie Odin, Senior Research Manager and Nikki Truss-West, Research Senior Manager. Download the full Operational Risk Horizon report (available to ORX members and ORX Lite subscribers): https://orx.org/resource/operational-risk-horizon-2025 Download a free summary report (available to anyone): https://orx.org/download/operational-horizon-risk-2025 Download the full Cyber Horizon report (available to ORX Cyber subscribers): https://orx.org/resource/cyber-horizon-2025 To find out more about ORX Membership, ORX Cyber and ORX Lite, visit our website: https://orx.org/

A series of dynamic conversations hosted by Simon Witney, sustainable finance specialist, joined by two expert guests. Simon meets with James Alexander, Chief Executive of The UK Sustainable Investment and Finance Association (UKSIF) and Sarah-Jane Denton, Director of our Operational Risk & Environment team to evaluate the need, benefits, and practicality of a implementing UK-specific green taxonomy versus adopting the current EU framework.The episode ends with a one-sentence answer from each expert guest to… does the UK need a green taxonomy?The Sustainability Exchange was first published in our Talking. Sustainability. podcast. Follow for latest episodes in your favourite podcast player: https://feeds.captivate.fm/travers-smith-talking-sustainability-esg/

In this episode Jo Shoppee, Head of Operational Risk - Technology at ANZ Bank, shares her unexpected journey into risk management, from a teller at ANZ to technology risk specialist. Jo discusses the challenges of balancing career and family, advocating for part-time roles for senior leaders. She emphasizes the importance of compassion and understanding in risk management, particularly in the three lines of defense model. She notes the shift towards data-driven risk management and the need to stay outcome-focused. She also discusses the top risks in the financial industry, including geopolitical risks, emerging technologies, and energy security. Jo Shoppee: Jo is a commercially focused risk executive with extensive technology and finance sector experience, deep expertise in technology risk management, and a track record for building effective and trusted relationships.  Jo worked extensively across Europe in her time with General Electric, and has recently returned to ANZ, where her technology career first started, where she is the head of operational risk management for the Group Technology Division. Jane Tumurbaatar: Jane is a Director at Protiviti with over 12 years' experience in professional services. She has broad expertise across first, second and third lines of defence of risk management in financial services, government, and corporate organisations. Her experience extends to risk transformation, change management and remediation. SHOW NOTES 02:14 Career Journey 05:05 Challenges and Achievements 08:39 Role of Compassion in Risk Management 11:05 Keeping Up with Technology in Risk Management 14:19 Changes in Risk Management Approaches 21:54 Leadership Style Evolution 33:41 Importance of Diversity in Decision Making Transcript and More GRC Content: https://www.riskywomen.org/2024/12/podcast-s7e8-driving-tech-innovation-in-risk-management-jo-shoppee/

Topics include:  DC and profession update   Talent pipeline   AI trends and impacts on critical infrastructure  Evolving technology trends across the profession   Key technical updates  Speakers:   Erik Asgeirsson, President and CEO, CPA.com  Lisa Simpson, VP, Firm Services, AICPA  Rachel Dresen, Senior Director, Congressional & Political Affairs, AICPA  Lexy Kessler, Vice Chairman, AICPA  Avani Desai, CEO, Schellman  Pascal Finette, Co-founder, be radical  

In this episode of What's New at CFI on FinPod,  we discuss operational risk management in banks, breaking down its four main dimensions: people, processes, systems, and external events. Operational risk stands apart from other risks like credit or market risk, affecting banks uniquely due to strict regulatory standards, particularly those outlined in the Basel Accord. We discuss why these risks are so significant for banks today and how failures in operational risk management often lead to high-profile fines and industry-wide consequences.Listeners will gain insights into why operational risk is one of the top challenges banks face and how our new course dives deep into real-world examples and strategies to manage these risks effectively. This episode is a must-listen for those curious about the complex landscape banks navigate, offering a clear understanding of operational risk and the tools needed to manage it.

Paul Benda, Senior Vice President of Operational Risk and Cybersecurity for the American Bankers Association, joins Megan Lynch and Tom Ackerman warning against scams targeting bank accounts. Their motto, "banks never ask that".

In this episode of the Risk Management Show poidcast, we welcome Michael Schank, a seasoned management consultant with over 25 years of experience in financial services. Michael discusses the limitations of traditional Enterprise Risk Management (ERM) programs and introduces the Process Inventory Framework, a methodology he developed to improve risk management, compliance, and strategic decision-making. Key Topics: Michael's Career Path: His journey in risk management and founding Process Inventory Advisors LLC. Why Traditional ERM Programs Fail: Blind spots, data quality issues, and confusion in operating models. The Process Inventory Framework: How it enhances risk management by integrating a detailed process inventory. Improving Data Quality in Risk Management: Addressing root causes and leveraging process taxonomy in GRC systems. Reducing Chaos and Increasing Accountability: Streamlining operations and improving risk management efficiency. Application Across Risk Types: Benefits for Operational Risk, Compliance Risk, Operational Resiliency, and Third-Party Risk Management.  

About the CISO Circuit SeriesSean Martin and Michael Piacente will join forces roughly once per month to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin.____________________________Guest: Michael Piacente, Managing Partner and Cofounder of Hitch PartnersOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacente____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsLevelBlue: https://itspm.ag/levelblue266f6cCoro: https://itspm.ag/coronet-30deSquareX: https://itspm.ag/sqrx-l91Britive: https://itspm.ag/britive-3fa6AppDome: https://itspm.ag/appdome-neuv___________________________Episode NotesIn the latest episode of the CISO Circuit Series on the Redefining CyberSecurity Podcast, Sean Martin and Michael Piacente join forces in Las Vegas during the Black Hat USA 2024 Conference to engage in an insightful conversation about the evolving role of the Field CISO. Sean Martin is joined by Michael Piacente, Managing Partner and Co-Founder at Hitch Partners, as they dissect the significance and responsibilities of Field CISOs in today's cybersecurity landscape.A primary focus of the episode is understanding what a Field CISO actually entails. Michael Piacente explains that the role of Field CISO varies widely across organizations, but it generally falls into two categories: customer engagement and sales enablement. Companies might hire Field CISOs to build operational risk assessments and customer relationships, or to drive the technical sales process. For instance, Field CISOs play a pivotal role in product companies by acting as trusted advisors who help communicate complex technical topics in a digestible manner to potential clients.Michael also highlights key attributes that make a Field CISO successful, such as genuine cybersecurity experience, deep technical knowledge, a reputable name in the community, and robust networking skills. Successful Field CISOs can seamlessly transition between discussing technical details and broader strategic goals with stakeholders. Their role often includes influencing product development by bringing practical insights from customers back to the engineering teams.One crucial point raised during the discussion is the integrity and trustworthiness required for a Field CISO. Sean and Michael emphasize that maintaining trust within the CISO community is paramount. Field CISOs should avoid crossing lines between promotional activities and genuine advisory roles. They assert that integrity and transparency remain foremost in these roles, as they are often looked to for unbiased, independent advice.Another topic discussed is how organizations should approach hiring for the Field CISO role. Michael Piacente points out the importance of setting clear expectations, understanding the balance between operational duties and sales enablement, and ensuring that the Field CISO is genuinely aligned with the company's mission and capable of maintaining community trust.Overall, this episode sheds light on the nuanced nature of the Field CISO role, providing valuable insights for both aspiring Field CISOs and organizations looking to hire one. As the role continues to evolve, Michael and Sean underscore the need for a thoughtful approach to defining responsibilities and fostering an environment where integrity and expertise thrive.____________________________Follow our Black Hat USA  2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:

About the CISO Circuit SeriesSean Martin and Michael Piacente will join forces roughly once per month to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin.____________________________Guest: Michael Piacente, Managing Partner and Cofounder of Hitch PartnersOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacente____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsLevelBlue: https://itspm.ag/levelblue266f6cCoro: https://itspm.ag/coronet-30deSquareX: https://itspm.ag/sqrx-l91Britive: https://itspm.ag/britive-3fa6AppDome: https://itspm.ag/appdome-neuv___________________________Episode NotesIn the latest episode of the CISO Circuit Series on the Redefining CyberSecurity Podcast, Sean Martin and Michael Piacente join forces in Las Vegas during the Black Hat USA 2024 Conference to engage in an insightful conversation about the evolving role of the Field CISO. Sean Martin is joined by Michael Piacente, Managing Partner and Co-Founder at Hitch Partners, as they dissect the significance and responsibilities of Field CISOs in today's cybersecurity landscape.A primary focus of the episode is understanding what a Field CISO actually entails. Michael Piacente explains that the role of Field CISO varies widely across organizations, but it generally falls into two categories: customer engagement and sales enablement. Companies might hire Field CISOs to build operational risk assessments and customer relationships, or to drive the technical sales process. For instance, Field CISOs play a pivotal role in product companies by acting as trusted advisors who help communicate complex technical topics in a digestible manner to potential clients.Michael also highlights key attributes that make a Field CISO successful, such as genuine cybersecurity experience, deep technical knowledge, a reputable name in the community, and robust networking skills. Successful Field CISOs can seamlessly transition between discussing technical details and broader strategic goals with stakeholders. Their role often includes influencing product development by bringing practical insights from customers back to the engineering teams.One crucial point raised during the discussion is the integrity and trustworthiness required for a Field CISO. Sean and Michael emphasize that maintaining trust within the CISO community is paramount. Field CISOs should avoid crossing lines between promotional activities and genuine advisory roles. They assert that integrity and transparency remain foremost in these roles, as they are often looked to for unbiased, independent advice.Another topic discussed is how organizations should approach hiring for the Field CISO role. Michael Piacente points out the importance of setting clear expectations, understanding the balance between operational duties and sales enablement, and ensuring that the Field CISO is genuinely aligned with the company's mission and capable of maintaining community trust.Overall, this episode sheds light on the nuanced nature of the Field CISO role, providing valuable insights for both aspiring Field CISOs and organizations looking to hire one. As the role continues to evolve, Michael and Sean underscore the need for a thoughtful approach to defining responsibilities and fostering an environment where integrity and expertise thrive.____________________________Follow our Black Hat USA  2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:

Gadalia Montoya Weinberg O'Bryan, CEO and founder at Dapple Security is our feature interview this week, interviewed by our own Frank Victory. News from Southwest Airlines, Alterra Mountain Company, Vail Resorts, Botdoc, Crowdstrike, LogRhythm, Red Canary, Lares, Webroot and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Southwest breaks with 50-year tradition and will assign seats; profit falls at Southwest, American Denver-based ski giants to host Olympics events How the Colorado, New Mexico quantum industry plan to use its federal funding Colorado company strikes AI partnership for security at car dealerships Communications outages from CrowdStrike update cancel RTD trains, shut down Colorado DMVs, hinder first responders A Comparison of AI Regulatory Frameworks Merged Exabeam and LogRhythm cut jobs, face lawsuit Halting a hospital ransomware attack - Red Canary Enhancing Organizational Communication and Culture through Purple Team Testing 7 Tips on Keeping Your Data Private When Using AI - Webroot Blog Job Openings: Pax8 - GRC Analyst City & County of Denver - CISO Lumen - Vice President, Deputy Chief Security Officer CoBank - Director, Internal Controls and Operational Risk, IT Westerra Credit Union - Director of Information Security (Hybrid - must reside in CO Meta - Security Partner - Mergers & Acquisitions (M&A) Robinhood - Enterprise Risk Manager State of Colorado - Cyber Criminal Investigator IV Fastly - Senior Manager, Security Detection and Response Motion Recruitment - GRC Analyst The Trade Desk - Sr Staff Product Manager-Data Governance & Policy Applications - Trust & Safety Upcoming Events: This Week and Next: ISSA COS - August Meeting - 8/13 ISSA Denver - August Meeting, "Incident Response" - 8/14 Let's Talk Software Security - Vulnerability Remediation:Fixing Problems or Creating New Ones? - 8/14 ISSA COS - August Mini Seminar - 8/17 Colorado = Security & Colorado CSA Summer Picnic - 8/24 ISC2 Pikes Peak - August Meeting - 8/28 Denver ISSA - AI/ML Special Interest Group - 8/28 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

CONSUMER INSIGHTS Topic: Rise of e-commerce: How to avoid falling victim to scams Guest: George Wandsella, Head of Operational Risk and Fraud at TymeBank

Operational Risk Issues Facing Public Entities During Freedom Of Speech

Guy Sereff, Partner at Michael Best is our feature interview this week. News from Arapahoe Community College, Guild, Katilyst, LogRhythm, Ping Identity, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver Named Number One on List of Best U.S. Cities for Foodies Colorado Legislature Passes First-in-Nation Artificial Intelligence Bill Denver-area community college first to join Space Force effort to teach aerospace workers How Colorado organizations are preparing to fill quantum positions Denver tech firm Guild grew rapidly, now it is shrinking rapidly Katilyst - Out of Stealth and Ready to be Your Security Champion LogRhythm and Exabeam Announce Intent to Merge, Harnessing Collective Innovation Strengths to Lead the Future of AI-Driven Security Operations What Is Liveness Detection? How It Helps Fraud Prevention What to consider when evaluating EDR Job Openings: Pax8 - IAM Architect Bank of America - Azure - Senior Cloud Security Engineer State of CO - Senior Security Administrator (Audit) CoBank - Director, Internal Controls and Operational Risk, IT Maxar - Senior Information Security Specialist Gates Corp - Cybersecurity & DLP Specialist Quizlet - Staff Cloud Security Engineer Flexential - Manager, Security Architecture Western Union - Information Security Engineer Upcoming Events: This Week and Next: RMISC - 6/11-13 BSides Boulder - 6/14 Let's Talk Software Security - Quality Tests, Security Outcomes: Are We There Yet? - 6/20 CSA Colorado - June Meeting, "Modern AI Threats and Challenges" - 6/25 ISC2 Pikes Peak - June Meeting - 6/26 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Join Scott Anchin, VP of Operational Risk and Payments Policy at the ICBA, as we discuss the taskforce the ICBA has put together on check fraud. Each of the sub-groups the committee has assembled are dedicated to addressing significant topics in the fight against this type of fraud.Presented by Remedy Consulting Technology Contract Negotiation & System Assessments, T&C Improvements, and FI Strategic Planning.For more information on BankTalk:BankTalk WebsiteSubscribe to BankTalk NewsRemedy Consulting WebsiteRemedy LinkedInTo speak on the BankTalk Podcast, please email us.

In this final episode, Knowledge Counsel Anna West and Associate River Clarke from our Employment team talk with Director Sarah-Jane Denton from our Operational Risk & Environment team. They discuss potential developments in the modern slavery regime, as well as the ongoing expansion of sustainability and ESG reporting, and the increasing focus on supply chain diligence.This podcast uses the following third-party services for analysis: Blubrry - https://create.blubrry.com/resources/about-blubrry/privacy-policyOP3 - https://op3.dev/privacyPodtrac - https://analytics.podtrac.com/privacy-policy-gdrp

Listen to this episode of the ORX Operational Risk Podcast to hear Matthew Glinister, ORX Head of Risk Management, and Natasha Smith-Craig, ORX Assistant Research Manager, discuss some of the key findings and outcomes from the recently published Operational Risk Horizon 2024 report. In the episode, they cover the top five emerging risk categories from the study and an overview of what can be learnt from the headline findings in the report. The full Operational Risk Horizon 2024 report and the emerging risk landscape interactive visualisation are available for free to all ORX members, as well as the report for non-members to purchase via our website here: https://orx.org/resource/operational-risk-horizon-2024 The “MOVEit transfer data breaches Deep Dive” is publicly available to download for free on our website here: https://orx.org/resource/moveit-transfer-data-breaches ORX News subscribers can read more on The Post Office Scandal via the ORX News website at: https://news.orx.org/node/12217 You can also listen to our recent podcast on “ORX News top 5 largest losses in January 2024 and a focus on third-party risk including the Post Office and Horizon scandal and MOVEit hack” here: https://orx.org/podcast/orx-news-top-5-op-risk-losses-jan-2024-3rd-party-risk To find out more about ORX Membership, ORX premium services, and access other operational risk resources, just search ‘ORX' or visit: www.orx.org 

In this episode Mike Yarwood, Managing Director Loss Prevention and Josh Finch, Logistics Risk Manager, sat down to discuss how customer demands can impact logistics operations - posing threats that you may not immediately consider in your risk mitigation strategy. The two consider ways in which you can make your operations safer, more secure and more sustainable. If you would like to hear more advice on supply chain security, listen to our other episodes!

Colin Walsh of Varo Bank joins Nate to discuss Scaling Varo to $1B+, The Future of Banking, & Why the Biggest Opportunity in Fintech is Financial Inclusion. In this episode we cover: Entrepreneurship, Risk-Taking and Founding a Fintech Company Financial Innovation and Customer Needs in the Industry Financial Challenges and Technology Solutions Becoming a Bank and Offering Financial Products to Consumers AI's Impact on Financial Services, Operational Risk, and Productivity Guest Links: Twitter LinkedIn Varo The hosts of The Full Ratchet are Nick Moran and Nate Pierotti of New Stack Ventures, a venture capital firm committed to investing in founders outside of the Bay Area. Want to keep up to date with The Full Ratchet? Follow us on social. You can learn more about New Stack Ventures by visiting our LinkedIn and Twitter. Are you a founder looking for your next investor? Visit our free tool VC-Rank and we'll send a list of potential investors right to your inbox!

Guest: John Sapp , VP, Information Security & CISO at Texas Mutual Insurance Company [@texasmutual]On Linkedin | https://www.linkedin.com/in/johnbsappjr/On Twitter | https://www.twitter.com/czarofcyber____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of Redefining Cybersecurity, hosted by Sean Martin, listeners are invited to explore the complex landscape of cyber risk governance. John Sapp, a seasoned professional in risk management, emphasizes the importance of defining cyber risk from the perspective of various executives. The CIO, CFO, COO, and general counsel each own different aspects of risk within an organization, and understanding their perspectives is key to effective risk management.The conversation takes an intriguing turn as John introduces the concept of approaching cyber risk governance as a product. This involves understanding the desired outcomes, defining the requirements, and creating personas for different stakeholders. The aim is to develop a common pane of glass, a unified perspective through which each persona can access near real-time information to make informed decisions.John also underscores the importance of presenting information to various stakeholders, including the board and cyber insurance carriers, in a way that demonstrates the strength of the organization's cyber risk program. This approach has tangible benefits, such as a reduction in cyber insurance premiums based on the strength of the cyber risk program.The episode concludes with a discussion on the importance of collective decision-making in managing cyber risk. John emphasizes that it's not about presenting some information and giving somebody responsibility to make a decision, but rather about presenting information in different ways to all the different personas to spur a conversation so that the team can determine the best path forward.This episode is a must-listen for anyone interested in understanding how to approach cyber risk governance in a way that is both effective and efficient. It provides valuable insights into how to manage risk in an ever-evolving digital world.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Guest: John Sapp , VP, Information Security & CISO at Texas Mutual Insurance Company [@texasmutual]On Linkedin | https://www.linkedin.com/in/johnbsappjr/On Twitter | https://www.twitter.com/czarofcyber____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of Redefining Cybersecurity, hosted by Sean Martin, listeners are invited to explore the complex landscape of cyber risk governance. John Sapp, a seasoned professional in risk management, emphasizes the importance of defining cyber risk from the perspective of various executives. The CIO, CFO, COO, and general counsel each own different aspects of risk within an organization, and understanding their perspectives is key to effective risk management.The conversation takes an intriguing turn as John introduces the concept of approaching cyber risk governance as a product. This involves understanding the desired outcomes, defining the requirements, and creating personas for different stakeholders. The aim is to develop a common pane of glass, a unified perspective through which each persona can access near real-time information to make informed decisions.John also underscores the importance of presenting information to various stakeholders, including the board and cyber insurance carriers, in a way that demonstrates the strength of the organization's cyber risk program. This approach has tangible benefits, such as a reduction in cyber insurance premiums based on the strength of the cyber risk program.The episode concludes with a discussion on the importance of collective decision-making in managing cyber risk. John emphasizes that it's not about presenting some information and giving somebody responsibility to make a decision, but rather about presenting information in different ways to all the different personas to spur a conversation so that the team can determine the best path forward.This episode is a must-listen for anyone interested in understanding how to approach cyber risk governance in a way that is both effective and efficient. It provides valuable insights into how to manage risk in an ever-evolving digital world.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

While the recent US Basel Endgame proposal will affect many elements of the capital rules, it will especially impact operational risk, a new category of capital charge for most banks. Midsize and larger US banking organizations will need to develop extensive loss-event tracking and quantification systems to comply with new operational risk requirements. Smaller banking organizations, while not required to hold capital for operational risk, should consider implementing tracking systems, given the 10-year lookback requirement, and its potential applicability in acquisitions. Please join Mayer Brown partners Jeffrey Taft and Matthew Bisanz for a discussion of the proposed operational risk requirements, and the key issues that banking organizations should consider during the comment period.

In this episode of the ORX Operational Risk Podcast, the ORX Scenarios team discuss the key trends we've seen from this year's ORX Scenario Library. The Scenario Library is a comprehensive database of operational risk scenarios submitted by our subscribers each year. It currently contains over 1000 quality assured scenarios across different business lines, sizes and regions shared by over 60 firms. The team cover key trends from this year's library submissions, including the rise of Information Security risk, which is now the most represented risk type in the Library ahead of conduct. They then look at the top risks and their profiles and do a more in-depth dive into climate risk scenarios. The full report is now available to all ORX Scenarios subscribers and ORX members here: https://orx.org/resource/insights-into-material-risks-2023. And a free summary will be freely available to download shortly. To find out more about ORX Scenarios, ORX Membership, and access other operational risk resources, just search ‘ORX' or visit: https://orx.org/  

Listen to this episode of the ORX Operational Risk Podcast to hear the ORX News team cover the five largest operational risk losses of June 2023 and conclude the two-part series covering the challenges surrounding data quality, systems, and the use of data for risk oversight, as well as touch on the importance of sufficient levels of adequately trained staff – all stemming from the launch of ORX's Risk Management Working Group. You can find the top 5 operational risk losses discussed in this episode, along with all previous top 5s, on our website at: https://orx.org/blog/top-5-orx-news-losses-q2-2023 You can also find out more about our Risk Management Community and Working Group on our website here: https://orx.org/community/risk-management ORX News subscribers can read more on the stories covered in this episode via the ORX News website at: https://news.orx.org/node/7095, https://news.orx.org/node/7201, https://news.orx.org/node/11483, https://news.orx.org/node/11743 and https://news.orx.org/node/10630. Please note that there is another episode of the ORX Operational Risk Podcast to be released this month, which covers the launch of the ORX Risk Indicator Library – so make sure to give that a listen too! To find out more about ORX News, ORX Membership, and access other operational risk resources, just search ‘ORX' or visit: www.orx.org  

FINRA's Risk Monitoring team is responsible for assessing financial, operational and business conduct risks that exist within individual member firms and across the industry. But they're also the day-to-day point of contact for firms for any questions they may have for FINRA. On today's episode, we're talking to Ornella Bergeron, Senior Vice President of Member Supervision's Risk Monitoring team, Brian Kowalski, Vice President of Diversified and Carrying & Clearing with the Risk Monitoring team, and Andrew McElduff, Vice President of Retail with Risk Monitoring learn more about the team's mandate and work and why they're such a resource for the member firms they work with.Resources mentioned in this episode:Reg Notice 22-25: FINRA Alerts Firms to Recent Trend in Small-Cap IPOsReg Notice 22-29: FINRA Alerts Firms to Increased Ransomware Risks15a-6 Chaperone Firms (from 2021 Exam and Risk Monitoring Report)Episode 90: Single Points of AccountabilityFINRA GatewayFINRA Examination and Risk Monitoring Programs

This episode features Mike Anderson leading a roundtable discussion with Ilona Simpson, Chief Information Officer EMEA at Netskope and David Fairman, Chief Information & Chief Security Officer APAC at Netskope.In this episode, Ilona and David share their predictions and resolutions for cybersecurity in 2023. You'll hear predictions about the industrial metaverse, confidential computing, quantified risk reduction plans, and convergence of priorities for security teams.-----------------“If you think about cybersecurity, we are just a subset of a broader operational risk. Operational risk actually has a much better approach or a little bit more maturity in being able to quantify operational risk in the organization. CISOs need to be able to stand toe-to-toe and be able to have a discussion at parity in regards to risk buydown for this subset of operational risk. And that's really where we are. I think as an industry, as a practice, as a profession, we need to get much smarter at figuring out how do we make this a much more quantitative conversation.” – David Fairman-----------------Episode Timestamps:*(02:47) - Prediction & Resolution: The Industrial Metaverse*(12:23) - Prediction & Resolution: Confidential Computing *(17:54) - Prediction & Resolution: Quantified Risk Reduction Plans*(25:27) - Prediction & Resolution: Convergence of Priorities as a Result of Transformation*(30:38) - Mike's Prediction: Vendor Consolidation-----------------Links:Connect with Ilona on LinkedInConnect with David on LinkedInConnect with Mike Anderson LinkedInwww.netskope.com

Hear from members of the UK's Climate Financial Risk Forum, as we dive into their brand-new publications on climate litigation and physical risk. Part 1 | Litigation Risk Underwriting Guide | 00:00:00–00:15:54 Part 2 | Physical Risk Underwriting Guide | 00:15.54–00:36:13 The Climate Financial Risk Forum (CFRF) was set up in 2019 by the UK's Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA), to build capacity and share best practice across industry and the regulators to advance the sector's responses to the financial risks from climate change. In this special episode, we discuss the CFRF's Litigation Risk and Physical Risk Underwriting Guides, which are available from 9 December 2022. The guides focus on risks that are particularly pertinent to the insurance industry, but are highly relevant to many financial firms. The guests were all heavily involved in producing these publications, so they'll be sharing their thoughts and insights as a compliment to the papers themselves. For the litigation portion of this episode, we will discuss: Why climate litigation risk deserves special attention from insurers; How financial firms are reacting to the fast-changing litigation landscape; and Key recommendations for financial institutions trying to understand their exposure to this risk. And for the physical risk portion, we will discuss: The distribution of physical risks globally relative to the distribution of global insurance; The challenges of modelling complex hazards from climate change; and The capabilities that financial firms can build and the strategies they can adopt to deal with highly uncertain risks. Links from today's discussion: CFRF's Litigation Risk Underwriting Guide CFRF's Physical Risk Underwriting Guide Other CFRF 2022 publications Results of the 2021 Climate Biennial Exploratory Scenario (CBES) Nigel's previous appearances on the Climate Risk Podcast and the Climate Risk Webcast Grantham Institute's 2022 Global Climate Change Litigation Snapshot Geneva Association's 2021 Global Report on Climate Litigation UN's Net-Zero Insurance Alliance (NZIA) homepage Speaker's Bios Nigel Brook, Partner, Clyde & Co. Nigel has been a partner at Clyde & Co since 1985 and heads the firm's reinsurance team. An international insurance and reinsurance disputes specialist with over 30 years' experience, Nigel is considered by many to be one of the top insurance lawyers worldwide. He leads Clyde & Co's global campaign on Resilience and Climate Change Risk, building a body of know-how and raising awareness of climate-related legal duties and potential liabilities. He is a member of the Law, Regulation and Resilience Policies Working Group of the Insurance Development Forum – a public/private partnership seeking to optimise and extend the use of insurance and the industry's risk management capabilities to protect those most vulnerable to disasters. He co-authored the firm's 2018 Reports on Parametric Insurance and Inclusive Insurance – exploring the role of innovative risk transfer in closing the global protection gap – and has authored and edited Clyde & Co's 2018/19 series of reports on the rising tide of Climate Change liability and duties of care. Paul Barrett, Chief Risk Officer, AIG UK Paul is Chief Risk Officer for AIG UK. He is also the designated ‘Senior Manager' for Climate Change Risk. Paul reports jointly to the Board of AIG UK and Fabrice Brossart, CRO, GI International. Paul's team is responsible for the Risk Governance, ORSA, Stress Testing, Risk Register, Risk Appetite & Limits and Operational Risk processes. Paul also works closely with the Group in helping to develop AIG's Climate Strategy. Previously Paul was Assistant Director, Solvency II at the Association of British Insurers (ABI). Prior to that Paul worked in Policy at the Financial Services Authority. Shane Latchman, VP and Managing Director, Verisk As a vice president and the managing director of Verisk's Extreme Event Solutions team in London, Shane Latchman is involved in many of Verisk's extreme event models and Touchstone initiatives, such as the integration of third-party data and models, expanding Verisk's capabilities in marine and energy, climate change quantification, and the Next Generation Financial Module. He interacts frequently with rating agencies and regulators on topics such as stress tests, climate change, and the Solvency II directive on EU insurance regulation.  Shane joined Verisk after receiving his master's degree in 2008. Shane sits on and collaborates with various industry working groups, committees, and boards, including Bank of England, Open Data Standards, Insurance Development Forum, and Cass Business School. He writes and speaks frequently on topics related to catastrophe risk and climate change. Joss Matthewman, Senior Director of Climate Change Product Management & Strategy, RMS Joss rejoined RMS in 2020 as Senior Director of Climate Change Product Management. Prior to this Joss was Head of Catastrophe Exposure Management at Hiscox, responsible for natural catastrophe, war, terror and political violence exposure management and reporting across the group.  Before joining Hiscox, Joss spent seven years in model development at RMS where he worked on the North Atlantic Hurricane and Asia Typhoon models, before being appointed Head of Storm Surge Modelling. During this period Joss joined the PRA working group on climate change which he continues to engage with today. Prior to entering the insurance industry Joss obtained a PhD in Applied Mathematics from UCL and worked as a postdoctoral researcher in climate science at the University of California, Irvine. His published areas of research include stratospheric sudden warmings, and the impact of sea-ice on global atmospheric teleconnections.

Denis Camilo, Risk and Compliance Director at Protiviti, talks with Lauren Munfa, Head of Americas Investment Bank C&ORC at UBS, about how much her parent management training translated to running a large compliance program. SHOW NOTES 00:51 Career Journey 03:58 Top Skills for Risk Management 08:05 The Importance of Immediate and Consistent Rewards 15:49 How to Give an Effective Command 21:26 How Root Cause Analysis Applies at Home and in the Office Transcripts and subscribe to newsletter: https://www.riskywomen.org/2022/11/podcast-s5e9-how-children-have-made-me-a-better-compliance-leader-lauren-munfa/

Kimberley Cole talks with Rupal Patel, Head of Data Insights & Risk Intelligence at Acin and Founder of Women in Risk and Control, about moving operational risk from a solely qualitative discipline to a data led one and why connection and networks are key! Show Notes 01:51 Career Journey 12:46 Biggest Risks 20:53 Women in Risk and Control 27:51 Acin & Op Risk Ahead 46:50 Rants & Revelations Transcripts and more: https://www.riskywomen.org/2022/11/podcast-s5e8-taking-control-rupal-patel/

Business executives leverage cybersecurity programs to understand residual risk. That helps them make informed decisions to mitigate risk to an acceptable level. This session provides guidance to improve program maturity in stages.Maturity Level 1.Minimal Compliance Development of an information security programshould begin with a reputable baseline such as the NIST Cybersecurity Framework.A framework communicates the minimum controls required to protect an organization. It is also necessary to include control requirements from applicablelaws, regulations and contractual obligations. Compliance with external requirements is also a minimalistic approach when designing a program. Maturity Level 2.Common Controls Control frameworks provide mid-level guidance and are not intended to be prescriptive. That is by design. This level of maturity addresses common security safeguards that are not specified in the control framework. It is necessary to identify and implement them. Gap analysis: Deploy controls based on proven methodologies such as the 20 CIS Controls. - Patching- Penetration testing- Web application firewallEstablish a risk-based approach for implementing controls.Maturity Level 3.Risk Management It is necessary to tailor controls to the organization and to adapt to changes in the threat landscape. We discuss 'Threat Landscape and Controls Analysis' and a Risk Register process. Maturity Level 4.Strong Risk management At this level the organization begins to demonstrate ownership of the cybersecurity program from an operational risk perspective. When management communicates low risk tolerance, that is synonymous with a commitment to strong risk management.- The cybersecurity program maintains controls specific to line of business products, services and assets - An operational risk management function maintains a risk scenarios inventory and conducts quantitative risk analysis - Incident response and business continuity exercises are conducted annually to include senior executives, lines of business leaders, information technology, legal, public relations and critical suppliersA multi-generational plan can be used to improve program maturity. Strong risk management pays dividends over time with low occurrence of harsh negative events. When incidents do occur, controls are in place to limit business impact. About the speaker: Gideon Rasmussen is a Cybersecurity Management Consultant with over 20 years of experience in corporate and military organizations. Gideon has designed and led programs including Information Security (CISO), PCI - Payment Card Security, Third Party Risk Management, Application Security and Information Risk Management. Has diverse cybersecurity industry experience within banking, insurance, pharmaceuticals, DoD/USAF, state government, advertising and talent management.Gideon has authored over 30 information security articles. He is a veteran of the United States Air Force, a graduate of the FBI Citizens Academy and a recipient of the Microsoft Most Valuable Professional award. Gideon has also completed the Bataan Memorial Death March (4 occurrences).

Business executives leverage cybersecurity programs to understand residual risk. That helps them make informed decisions to mitigate risk to an acceptable level. This session provides guidance to improve program maturity in stages. Maturity Level 1. Minimal Compliance Development of an information security programshould begin with a reputable baseline such as the NIST Cybersecurity Framework. A framework communicates the minimum controls required to protect an organization. It is also necessary to include control requirements from applicablelaws, regulations and contractual obligations. Compliance with external requirements is also a minimalistic approach when designing a program. Maturity Level 2. Common Controls Control frameworks provide mid-level guidance and are not intended to be prescriptive. That is by design. This level of maturity addresses common security safeguards that are not specified in the control framework. It is necessary to identify and implement them. Gap analysis: Deploy controls based on proven methodologies such as the 20 CIS Controls. - Patching - Penetration testing - Web application firewall Establish a risk-based approach for implementing controls. Maturity Level 3. Risk Management It is necessary to tailor controls to the organization and to adapt to changes in the threat landscape. We discuss 'Threat Landscape and Controls Analysis' and a Risk Register process. Maturity Level 4. Strong Risk management At this level the organization begins to demonstrate ownership of the cybersecurity program from an operational risk perspective. When management communicates low risk tolerance, that is synonymous with a commitment to strong risk management. - The cybersecurity program maintains controls specific to line of business products, services and assets - An operational risk management function maintains a risk scenarios inventory and conducts quantitative risk analysis - Incident response and business continuity exercises are conducted annually to include senior executives, lines of business leaders, information technology, legal, public relations and critical suppliers A multi-generational plan can be used to improve program maturity. Strong risk management pays dividends over time with low occurrence of harsh negative events. When incidents do occur, controls are in place to limit business impact.

Hear from Prof. Clifford Rossi as we examine some of today's biggest financial risk modeling challenges. Risk modelers have recently been befuddled by rare and powerful non-financial events, including the pandemic, geopolitical conflicts, radical weather happenings, and a supply-chain crisis. What are the characteristics and impacts of these unpredictable incidents? In this podcast, University of Maryland professor and GARP CRO Outlook columnist Clifford Rossi will address these issues, and also share his views on how financial institutions can better understand these risks and link them properly to financial losses.

Paul Benda, SVP, Operational Risk and Cybersecurity with the American Bankers Association joins Tom and Megan talking about #BanksNeverAskThat an Anti-Phishing campaign to empower consumers. 

In this episode we have another incredible subject matter expert from Freddie Mac, Terri Merlino. We have a conversation about risk management, specifically what Freddie Mac is actively doing to create affordable credit options for home buyers, how mortgage originators can use tools to create efficiency and productivity, as well as what a culture of risk awareness looks like.   Terri Merlino is Senior Vice-President & Chief Credit Officer for Freddie Mac's Single-Family Division. She leverages her broad-based knowledge of mortgage operations, sales, processing, underwriting, quality control and secondary marketing activities to substantially and positively impact Freddie Mac's mortgage credit risk management efforts, as well as our client experience.  Prior to Freddie Mac Terri held the roles of Chief Credit Officer and Chief Risk Officer at New Penn Financial and spent many years at PHH Mortgage as Senior Vice-President of Credit and Operational Risk, where she was responsible for fostering a risk-aware culture through her leadership of all aspects of credit and operational risk management.  Terri has served on several industry committees, including Fannie Mae's Risk Management Forum and Freddie Mac's Credit Advisory Board, and twice been named a HousingWire Women of Influence. She also holds a Bachelor of Business Administration in accounting from the University of Houston.  Connect with her on LinkedIn: https://www.linkedin.com/in/terrimerlino   Learn more: www.FreddieMac.com   If you are enjoying the MME podcast, please take a second and LEAVE US A REVIEW, and don't forget to connect with us on social media! 

Stop wasting your time when solving million-dollar problems with cosmetics. New tracking software, a reorganization, or a new initiative is a straightforward approach.For senior leaders who want more outcomes by design, level up quickly with these insights. Free resources teach critical thinking and critical influence at https://www.InsideStrategicRelations.com/newsletter/

Deliver on your company goals and ride out that risk in style with expert consulting from The Risk Of You. More details at https://theriskofyou.com (https://theriskofyou.com)

#Cybersecurity has an ability now within the new CISO paradigm to lead and help maintain trust with an organization's customers. Video from CISOlife™ about how cybersecurity is treated as an operational risk within the business. --- Support this podcast: https://anchor.fm/cisolife/support

In an interview with RMA Communications Manager Stephen Krasowski, Varo Bank Chief Risk Officer Philippa Girling discusses the second edition of her book "Operational Risk Management: A Complete Guide for Banking and Fintech," where she offers guidance banks can apply to ensure they are effectively identifying, assessing, monitoring, and mitigating operational risks. For podcast sponsorship/advertising opportunities, email RMAsponsor@rmahq.org. Have a smart phone or tablet? Subscribe for FREE to our podcasts on Apple Podcasts, Spotify, and Google Podcasts.

Brought to you by The Ontic Center for Protective IntelligenceProduced by AJ McKeonMusic by Brian Bristow and performed by Smokin' NovasContact us at podcast@ontic.co or visit ontic.co/center for more information.

Business today is a complex web of third-party relationships, and risks of disruption from these third parties are increasing in frequency and severity. Problem: Most enterprises follow a siloed approach with assessments of a few risks Data collected at a point in time is quickly stale – fails to present a current view of risk Usually limited to financial and cyber (often lagging indicators of trouble) – fails to present a comprehensive view of risk Siloed approach – fails to provide an enterprise-wide view of riskAll of which leaves organizations unable to prevent third-party and supply chain disruptions.Solution: Real-time full-spectrum third-party risk intelligenceReal-time intelligence provides an early warning – to enable effective proactive risk mitigation actions Full-spectrum coverage brings any leading indicators to your attention – to enable focus on most today's most critical risksIn this CRO Wisdom discussion, risk leaders Atul Vashistha, CEO, Supply Wisdom, and Debra Zoppy-Hendershott, Head of TPRM & Op Risk Business Resiliency, Guardian Life and Mike Rasmussen, GRC Pundit & Analyst, GRC 20/20 Research talk about the integration of continuous, full-spectrum risk intelligence into existing third-party risk/GRC architecture  can deliver the continuous 360° situational awareness enterprise resilience requires today.

 This episode of CRO Wisdom features Linda Tuck Chapman, CEO, Third Party Risk Institute. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Linda speaks about her career trajectory from procurement to third party risk at Scotia Bank and how the function was all about compliance and regulatory reporting in the 2000s. Linda discusses her entrepreneurial journey and raising awareness about the importance of third party risk in the board at banks. She talks about her two books on the subject and why one of them is written for auditors. Listen to her on why she believes the Covid pandemic has fundamentally changed the landscape for third party risk and its role in resilience and why continuous monitoring needs solutions that can prevent risk teams from being bombarded with negative news alerts. 

Join us for an eye-opening discussion on automating operations for multifamily properties with Leonardo247's Bob Bradley — streaming now! And for more Apartment Academy tips, trends, and tricks, click here!

This episode of CRO Wisdom features Paul Milkman, CISO, Operational and Technology Risk Leader, CIT.  In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Paul speaks about how he landed into risk from his time at Xerox in the 90s and later in Fannie Mae. Paul discusses the importance of operational risk and why it is particularly relevant when every financial institution works with technology and operational partners who handle data and money. He shares his thinking around what is important in third-party risk isn't  very different from the risk within the enterprise and why there is more to risk than just cyber risk and ransomware.

This episode of CRO Wisdom features Yakut Akman, Risk Leader. Yakut Akman was Chief Third Party Management Officer at Citi till 2019, following long stints at Deutsche Bank and Citi across the world. In this episode hosted by John Bree, Chief Evangelist & Chief Risk Officer, Supply Wisdom, Yakut talks about her long career in internal audit and risk management.  Yakut discusses the importance of a risk culture within organizations and why it's essential for risk management to not be reactive. She shares her views on best practices for incorporating continuous monitoring and why the business must be part of the solution for risk.

This episode of CRO Wisdom features Victor Meyer, COO, Supply Wisdom. In this episode hosted by John Bree, Chief Risk Officer and Chief Evangelist, Supply Wisdom, Victor talks about his long career in the Navy as a SEAL and how he naturally transitioned into Non-Financial Risk from there. Victor talks about his extensive risk experience at Deutsche Bank and the risk component in recent issues such as the Archegos fallout. Victor points out why third-party non-financial risk is the new cybersecurity risk and why risk practitioners must apply the same rigor to monitoring third parties in their supply chains as they would to internal governance and controls. He makes a case for monitoring risk across a wide risk aperture to ensure resilience.

This episode of CRO Wisdom features Renee Forney, Senior Director, Azure Hardware Systems & Infrastructure Security, Microsoft. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Renee talks about her career trajectory from programming and network administration to her current leadership role in cybersecurity and risk management. Renee discusses why a multi-layered approach to risk management that goes beyond one-time risk assessments is essential to effectively build resilience. She shares the importance of continuous monitoring and OSINT to enterprise risk programs and her own lessons incorporating experts from government and military services to build effective risk programs. Don't miss her insight into why ethics in the workforce is one of the least understood areas of risk, especially in a world where engineers wield enormous influence. 

Managing risks and strengthening controls associated with operations have become increasingly more complex for all organizations. Firms are expending significant time, money, and resources to implement required changes and prioritize operational risk management efforts. As costs continue to increase, it is clear that the overly manual, reactive, and siloed status quo is unsustainable.In this episode of Protiviti's Powerful Insight's “Future of Risk and Compliance” podcast series, Protiviti Risk and Compliance Director Bygie Dixon interviews Patrick Dillon, Executive Vice President and Head of Independent Testing and Validation at Wells Fargo. Bygie and Patrick share insights on successfully applying emerging technologies and leveraging an innovative mindset to reduce risks and strengthen controls. To learn more about Protiviti's Risk Transformation services, visit us at our website: www.protiviti.com/US-en/risk-compliance/risk-transformation. Transcriptions of Powerful Insights are available upon request from kevin.donahue@protiviti.com.

The Risk Management Association (RMA) promotes sound risk principles in the financial services industry. Sylwia Czajkowska, Associate Director of Operational Risk at the RMA, discussed the results of a recent survey focusing on COVID-19's impact on third-party risk management practices for FIs. This survey produced an ongoing dialogue that yielded key insights into the rapid deployment and evolution of vendor risk management practices and what that might mean for the future. What was the overall effect on operations for FIs? Listen and find out!

This episode of CRO Wisdom is hosted by Atul Vashistha, Chairman, Supply Wisdom. In this episode, Ivan Pooran, Head of Enterprise and Operational Risk, Guardian talks to Atul about his long career in risk. He discusses his perspective on how he expects third-party risk, cybersecurity risk, business continuity risk, climate risk, AI risk and other risks evolve in 2021 and beyond. Listen to this episode of CRO Wisdom for a risk leader's views on the importance of governance, technology, and continuous risk monitoring. Don't miss his advise on how to build a career in risk management.

What is required for the German auditing standard, IDW PS 340 n.F.? Karl Viertel and Claudia Howe (Sales Director at Alyne) talk to Jochen Friedemann (Head of Operational Risk at HDI) on operational risk and preparing for audit against such standards. Listen in as they discuss aspects such as risk models, risk assessment (qualitative and quantitative), documentation, communication and tips like talking to the auditor in his/her own language.This week's Top 3: How to recognise a Big 4 consultant