What we’re reading this week from the world of risk management.
Risk.net: US life insurer MassMutual makes strides in op risk with corporate culture and IT
“The centrepiece of MassMutual’s risk management programme is the ‘MassMutual way’, a philosophy that allows every member of staff to raise potential risk management problems, which can then be fixed. The idea is based on Toyota’s famous system in which employees were empowered to halt production at the firm’s manufacturing plants if they spotted a defect on the assembly line.”
GovInfoSecurity: 2016 A Watershed Year for HIPAA Enforcement
“The nation’s HIPAA enforcement agency has been dramatically ramping up its issuance of breach-related financial penalties this year, in addition to its recent kick-off of a new round of HIPAA compliance audits.”
ABA Banking Journal: Banks Making Strides in Managing Third Party Risk
“Banks continue to make significant strides in the area of third party risk management — though many are concerned about a lack of knowledge and not having the appropriate tools to efficiently assess and manage vendor risk. Ninety percent of the institutions surveyed said they felt neutral or negative about how well their third party risk management tools were able to help them capture and report risk, and more than four in ten said that they consider lack of knowledge across the organization as a key challenge going forward.”
CSO: How to avoid being the next hospital breach
“Working together, every department and manager involved with the supply chain and partner organizations can build a safe environment. Doing so before a cyber attack or accidental data breach occurs can close a critical gap in your organization’s security posture.”
FinExtra: It Takes a Village to Manage Operational Risk
“Only through multiple village chiefs (CRO, CDO, Ops and Compliance Execs, CIO with RegTech) can big progress be made in managing operational risk.”
Compliance Week: Overcoming GRC Challenges in the Healthcare System (e-book*)
An overview of common and emerging risks facing healthcare organizations today, and how RSA Archer’s governance, risk and compliance solutions can help organizations more proactively manage risk.
*free registration required
Join our Risk Intelligence group on LinkedIn to get our weekly update.