Here’s a great video from our partners at RSA Archer about the IT group at St. Luke‘s Health System in Idaho, and some of the challenges they were experiencing with GRC reporting. IT Security Director Reid Stephan talks about lists — servers, end-point devices, applications, locations — all living in different spreadsheets and shared drives. There was […]
Iceberg is driven by a passion to make a difference in other people’s lives, whether we are working with customers, with colleagues or in the community. It’s become a tradition for us around the holidays to find a way to give back and help under-privileged people in our community. In years past we’ve helped local […]
Earlier this week at the RSA summit in Orlando, I had the chance to hear Art Coviello talk about some of the trends we’re seeing in IT security. Mr. Coviello is the Executive Chairman of RSA and the Executive Vice President of EMC Corporation. Mr. Coviello says we’re in the best of times and worst of times for IT […]
What level of confidence does your CFO have in the risk information coming out of IT? That’s a question we often ask to our customers, and typically the answer is “not a lot of confidence”. While processes and methods for areas like Credit Risk, Financial Risk and Market Risk are fairly mature, Operational Risk and […]
Here’s a video featuring RSA’s Steve Schlarman, discussing the evolution of Governance, Risk and Compliance (GRC). He explains why enterprises are moving to an intelligence-driven approach to GRC, from an IT security perspective.
Here’s an interesting article from CFO.com about how risk is evolving from a tactical tool to a strategic business enabler. Authors Frank Friedman and Chuck Saia make several useful observations: Instead of asking “what technology do I need”, CFOs should ask “Is there an organization or group in place that is appropriately set up to make […]
Blue Hill Research recently published a research paper about the use of spreadsheets to manage compliance and risk requirements. You can read the full report here… Their findings confirm what we hear from our clients: they tie organizations to manual processes, they limit collaboration, and they can’t scale. While Excel might seem like a low-cost […]
OK, so your organization has held the appropriate workshops to articulate the vision, and now everyone is wondering “How do we get there?” You’re not alone. In fact I’ve worked with organizations that had the most detailed vision that identified characteristics of the end state along with the overall objectives of the program, but they […]
The most intelligent people still get lost in a big city without a map. Although trial and error may result in you reaching your destination, time and effort has been wasted in the process. Interestingly, most organizations have leadership teams that have a clear idea about their desired destination, and where it needs to be.
This article explores the two main activities required to start the journey of implementing a software based solution to support Operational Risk Management. I would like nothing better than to tell you that the journey is swift and free of challenges, but the truth as you might suspect is much different. The good news is […]