Rounding up 2018 risk management predictions


The start of the New Year means a raft of predictions from experts and pundits who look into their crystal balls and predict what’s to come in 2018. Here are some highlights from the world of risk management, audit and compliance:

  • Gartner’s John Wheeler offers 3 Resolutions to Turn GRC Failure into IRM success. “Executive management must take the lead in breaking down the organizational silos and establishing key metrics to promote the management of risks that will have the greatest impact on the most important enterprise-wide objectives,” he writes. (We agree!)
  • Matt Kelly posts Eight Compliance Events to Watch For in his Radical Compliance blog, including SEC guidance on cybersecurity, evolving maturity of vendor risk management, and changes in the GRC industry.
  • The IIA’s Richard Chambers shares his Five Internal Audit Resolutions for 2018 and Beyond, focused on strategic goals for audit practitioners. “Internal auditors should position themselves to become the Doppler radar for emerging risks that threaten their organizations,” he says. “The challenge is to identify and embrace technology that will make internal audit functions agile and future focused.”
  • In a video post, RSA’s David Walter gives his perspective on GRC and cybersecurity trends to watch for in 2018. “Risk economics will be a key factor for mature companies… organizations need to develop mechanisms to better quantify – in dollars and cents – the risk they have across the organization,” he says. David’s colleague Steve Schlarman has also posted a video with his predictions.
  • Michael Nadeau in CSO offers 7 cyber security predictions for 2018, and the top two are focused on GDPR: “Organizations that don’t take GDPR seriously and experience an event that triggers an investigation by regulators are at real risk of a heavy fine,” he writes.
  • Steve Durbin at SecurityInfoWatch says that cybersecurity will be the top priority of the board in 2018. Among his observations: The supply chain remains the weakest link in risk management, and new regulations (including GDPR) will add to the complexity of asset management.

Maybe at the end of this year we’ll do a recap and see which ones come true. All the best for 2018!
