A twist on risk appetite
The standard definition of risk appetite is “the amount of risk you are willing to take in the pursuit of objectives”.
Upgrade to effective GRC
I joke about what GRC means. Apart from the IIA (who talk about governance, risk, and controls), everybody knows that the acronym stands for Governance, Risk Management (or ERM), and Compliance.
Common sense on cybersecurity
Today’s post contrasts two recent pieces. PwC shared some very traditional thinking in Overseeing cyber risk: the board’s role.
