Organizations today need to keep a close eye on the constantly changing Governance, Risk Management and Compliance (GRC) landscape. Newer and diverse risks, including increasing cyber risk, pandemic-related regulatory and policy changes, and risks associated with climate change, now present a very real challenge that organizations need to prepare for.
Stay prepared for what’s next in GRC with our monthly round-up of the trending news and insights that you can use.
As the risk landscape expands, strengthening business resilience with enterprise and operational risk management remains a top priority for organizations. At the same time, regulatory requirements from governments and regulatory bodies have left organizations to deal with multiple layers of complex change, often happening simultaneously. This makes the compliance function an important priority for organizations of all sizes.
Here’s what has been spotted on the risk and compliance radar this month.
Other trending risk and compliance topics include the publishing of the 2022 Interos Annual Global Supply Chain Report, which highlighted that only one-tenth of the survey respondents monitor supplier risks on a continual basis, and the PwC Global Risk Survey, where 65% of survey respondents are increasing their overall spending on risk management technology.
With cyber actors continually improving the level of sophistication of cyber attacks, cyber-risk mitigation is now the top priority for organizations, governments, and regulatory authorities. In the month of May 2022:
In other IT risk and cyber risk news, Rob Joyce, the head of cybersecurity at the U.S. National Security Agency, is “still very worried” about the escalated cyber risk arising from the Russia-Ukraine war. For CISOs, this translates to continuing to track the conflict and putting measures in place to mitigate any direct attacks and cyberattack spillovers. The judgement by the Federal Court of Australia in Australian Securities and Investments Commission v RI Advice Group Pty Ltd has now made it clear that the failure to manage cyber risk is a breach of financial services obligations. This has led to the Australian Securities and Investments Commission (ASIC) publishing a guidance note on the critical cyber risk measures that AFSL holders are now expected to have in place.
The importance of assessing risks from climate change, environment, and social equity continues to create a lot of conversation. The top highlights include:
Also of note is the new survey report by Deloitte, which presents findings on how climate, sustainability, and social equity are now important considerations when it comes to shaping infrastructure plans. In addition, various global regulators are aiming to bring new reforms to tackle greenwashing and promote greater transparency in environmental, social, and governance investments.
MetricStream empowers organizations to drive a connected GRC program. Leverage ConnectedGRC, and our BusinessGRC, CyberGRC, and ESGRC product lines, to better identify, assess, manage, and mitigate strategic risks, operational and enterprise risks, IT and cyber risks, third-party risks, compliance risks, and ESG risks.