Six ways Risk Management Software expands risk assessment coverage
This article is actually more focused on managing risks associated with vendors but the principles apply to other forms of risk and provides a succinct outline of the benefits of moving from a predmoinantly manual (perhaps Excel) based approach to a partially automated approach utlising risk management software.
View the full article here.
SFO brings first Bribery Act charges in bio fuels fraud case
The Serious Fraud Office has brought its first charges against individuals accused of violating the UK Bribery Act.
The full article is available here (without subscription):
This charge highlights the need to ensure that Governance, Risk Management and Compliance programmes have implemented sufficient controls to demonstrate every effort is being made to avoid similar breaches.
Deloitte survey concludes that financial institutions are placing more emphasis on risk management
An interesting article summarising the results of a survey run by our former colleagues at Deloitte. In short, the survey concludes that the majority of financial institutions are investing more heavily in governance, risk and compliance activity and that boards are devoting more time to reviewing risk.
Interesting to note that one of the key areas of concern for organisations is the technology used to support risk management. Less than 25% of institutions rate their technology systems as extremely or very effective.
Centralised GRC or integrated silos?
An interesting article here which considers if the trend is to centralise GRC teams and technologies or focus on integrating existing silos. Where common taxonomy and ways of working can be adopted, the business case to focus on centralised GRC (even if just for technology and resource cost savings) is a clear one though not without its challenges. Depending on the specifics of any given situation though, it may be better to invest in a central GRC technology capable of supporting all risk and compliance functions than it is to spend money integrating (and therefore needing to continue supporting and maintaining) legacy applications.
Corestream to obtain ISO Accreditation for Data and Information Security
CoreStream is pleased to announce that it is on track to reach formal ISO27001 accreditation. Data security sits at the heart of our culture and underpins all of our software products. The recent appointment of the British Assessment Bureau (BAB) to conduct a detailed independent audit is the final step in reaching accreditation and underscores CoreStream’s recognition of the importance of data security.
Our hosting partner, Memset, already hold ISO27001 and our accreditation will ensure that the end to end provisioning of our technology (from design and development through to hosting) will adhere to industry best practice in relation to information security.
CoreStream and Memset announce partnership
CoreStream is pleased to announce a strategic partnership with Memset, a UK based, industry leading provider of hosting services. This announcement follows 2 years of working closely together, formalising an already established relationship.
Memset are responsible for hosting our suite of cloud based products, providing expertly designed and configured architecture, ensuring that data is stored securely, performance is impressive and the costs are competitive. Memset are also carbon neutral and therefore in line with our commitment to reduce our environmental impact.
Five essential elements of a compliance programme
Extremely interesting and well written article on the five essential elements of a corporate compliance programme.
The theme running throughout is that it is important for any programme to be joined up and preferably benefit from being managed centrally. It is common for compliance activity within many organisations to be triggered by some form of failure in a certain area of the business. In response, new policies and controls, new processes and new systems are implemented to address the issue, leading to many disparate silos of compliance activity. This approach is inefficient but also doesn’t lend itself to the proactive management of compliance obligations.
Welcome to the CoreStream news feed
Welcome to the news section of the CoreStream site. This area of the site is used to periodically update our clients or other interested parties on relevant news articles or CoreStream announcements such as product launches or events.
Please email email@example.com if you would like to discuss any of the content or the products and services we offer.