Articles

  • All
  • Articles
  • Awards
  • News
  • Risk Assessments
  • Solutions
  • TPRM

Is risk ownership aligned to the board of directors?

Providing risk management with a dedicated home at board level allows for the clearer oversight and accountability of management and processes. In turn, this ensures sound governance practices and a focus on transforming risk management into a centre of excellence. The board of directors is where the risk “buck stops”. After all, this is the…

Application Attack Surface

When assessing application risk, many organisations focus on the obvious: the software that they already know. They then proceed to overlook the full inventory of applications and code when reviewing digital assets. These ‘known’ applications typically have a high brand value or financial value, carry compliance requirements, or have been linked to previous breaches. The…

What is DevSecOps?

What is DevSecOps? The term “DevSecOps” places information security into the original operating model of “DevOps”. DevOps itself refers to the collaborative operating team of software developers and IT operations staff. DevOps is common practice the world over. The trouble, though, is that it was built for agility, speed and reliability – not security. And…

Third Party Risk Management Software for the Financial Sector

Regulators the world over are now holding financial institutions responsible for the actions of their third parties — thanks largely to the 2008 financial crisis and several high-profile attacks that leveraged third parties’ information security weaknesses. As a result, the financial services sector now requires strong third party risk management. The governance, compliance and regulatory…

Third Party Risk Management Silver Lining is Industry Self-Regulation

In today’s business environment it’s impossible to find a company that doesn’t contract with a third-party vendor to provide services. However, the convenience, flexibility and opportunities of outsourcing to third parties comes with significant risks. The risks vary from industry to industry, the common threats being regulatory and the impact of a potential third-party vendor…

THIRD PARTY RISK MANAGEMENT A KEY GLOBAL PRIVACY COMPLIANCE REQUIREMENT

Background to current privacy challenges Organisations that collect and process personal information are faced with increasing Privacy compliance challenges, especially where their operations span multiple geographic regions. This, paired with a growing reliance on external service providers to support core business operations, creates complex Privacy compliance challenges. Some Privacy models are more comprehensive than others,…

ISACA Max Blecher Innovation Award Winner: Triplicity

ISACA Max Blecher Innovation Award Winner: Triplicity Patrick Ryan won the Innovation Award at the annual ISACA event on 29 September 2017, for Triplicity. Well done to the team — so proud! Congratulations to Patrick Ryan, the Managing Director of Mobius Services (Pty) Ltd & Phinity Risk Solutions, for winning the award. Under Patrick’s direction,…