Flash Report, March 3, 2021
Virginia Becomes the Second State to Enact Consumer Privacy Law
The Commonwealth of Virginia passed the Consumer Data Protection Act (CDPA) into law on March 2, 2021, following overwhelming bipartisan support for a state consumer privacy law. The November 2020 election results provided the much-needed impetus to strengthen consumer privacy for the Commonwealth of Virginia. State officials wasted no time in introducing the privacy bill. Now that the bill is…

Newsletter, April 20, 2020
Compliance Insights - April 2020
Your monthly compliance news roundup. OCC Reinforces Third-Party Risk Management Expectations: Regulatory expectations related to third-party relationships have evolved considerably since 2013, when the Federal Reserve Board and Office of the Comptroller of the Currency (OCC) issued prescriptive guidances SR 13-19 and OCC 2013-29, respectively. To account for this evolution, the OCC published OCC…

Flash Report, July 31, 2023
SEC Cybersecurity Disclosure Enhancements: Efforts to Boost Investor Confidence
On 26 July 2023, the U.S. Securities and Exchange Commission (SEC) adopted amendments to its rules on cybersecurity risk management, strategy, governance and incident reporting by public companies subject to the reporting requirements of the Securities Exchange Act of 1934. The SEC’s view is that cybersecurity threats and incidents pose an ongoing risk to public companies, investors and market…

Whitepaper, July 12, 2021
Top 10 pitfalls of an IAM programme
In spite of over 20 years of experience as an industry, Identity & Access Management (IAM) programmes continue to struggle, and with good reason. There is a lot that can go wrong with an IAM programme. Lack of funding, treating IAM like a project and not a programme, not having business buy-in, and trying to overly customise packaged software are all examples of significant challenges that…

Newsletter, February 12, 2021
Implementing Operational Resilience Across the Organisation: An Essential Checklist
Like any enterprisewide organisational change, implementing an operational resilience programme across an organisation requires a careful and collaborative effort to be successful. Whether implementation has been in the works for several years or is just beginning, turning the resilience programme from concept to reality is hard work. Except for the most dynamic and change-oriented organisations…

Whitepaper, September 21, 2020
Driving Operational Resilience From the C-Suite
The actions and decisions of C-suite leaders are typically driven by strategies designed to guide businesses toward growth and success. These plans invariably contain many assumptions. One is the expectation that their organisations will be able to deliver goods and services to customers even under stressful conditions – an expectation of resilience that is sometimes ill-conceived and unsupported.

Podcast, March 31, 2020
Podcast - GRC Technology Perspectives Around the Globe - United Kingdom
This is a series of podcasts on GRC programmes and technologies, obtaining perspectives from Protiviti leaders and subject-matter experts around the world on GRC drivers, innovations and challenges in their markets. This episode features a conversation with Protiviti Managing Director Scott Bolderson and Associate Director Nicolas Perna. Scott is a leader within our business performance…

Whitepaper, September 16, 2020
The Road to Resiliency – Building a Robust Audit Plan for Operational Resilience
Executive Summary: The financial services industry has long relied on internal audit functions to assess and challenge the effectiveness of various programmes designed to protect and build organisational value. These programmes have included disaster recovery, business continuity, risk management, cybersecurity, and many others designed to help institutions recover from an event. The pressure…

Flash Report, November 30, 2022
Corporate Sustainability Reporting Directive (CSRD) Approved by European Council; More Than 50,000 Organisations Affected
On 28 November 2022, the European Union (EU) Council (“Council”) gave its final approval to the Corporate Sustainability Reporting Directive (CSRD), which will require new, standardised and detailed sustainability reporting by companies. The CSRD represents a significant expansion from the earlier Non-Financial Reporting Directive (NFRD), which it replaces, and…

Flash Report, April 28, 2022
Protecting your organisation from insider threats in a changing world
Cybersecurity threats are growing exponentially as companies introduce an increasing number of Internet of Things (IoT) devices into operations and collect and store an ever-escalating amount of data. This technology and data sprawl is providing bad actors with more entry points into networks and systems. Too often, organisations have failed to make commensurate investments in data protection,…