TOPICS

Filter topics and select a topic to start

Filter by:

All

Data Security

Data Usage

Data Regulations

Process Governance

Compliance

Ethics & Sustainability

Emerging Technology

Human Resources

Financial Discipline

Getting Started

Personal Data Security

Home Life

Risk Assessment and Management

Taking risks is part of doing business. Addressing up front the risks that most affect a particular company and industry helps reduce the negative impact if it occurs. Results from not addressing risks range from inconvenience to devastating. But managing risks can soften the financial blow and enable long term success.

Vendor Management for Business

Materials, products, services and other items consumed by your business ultimately reflect in YOUR product or service. What comes into your company directly affects what your immediate stakeholders and customers see. A vendor relationship starts before the contract is signed. Select the best vendor for your needs, then nurture the often-neglected relationship.

Inventory Management for Business

The end result of inventory management is to have the right product at the right amount at the right place at the right time. Inventory problems can have a huge negative effect on your business, especially cash flow. But there are several controls and processes that can help ensure your customer gets the product to their satisfaction.

Change Control Governance

Physical and digital changes are constantly made in business operations. But connected to each change is often a chain of other actions to consider, both before and after the change. Changes to processes, products, or services has serious ramifications to your success and reputation if done incorrectly. Change control is meant to reduce the chances of a key item being missed or not communicated.

Machinery Controls for Business

Proper maintenance and training on your machinery is critical for maximizing its value, whether the equipment is used for producing widgets, doing calibrations, or producing lab results. Great maintenance is preventive and not reactive.

Incident Response Plan

Cyber security events can be small and occur over an extended period or be large and immediately impact your business viability. An incident response (IR) plan focuses on how to identify, respond, and recover from such events. Events hit businesses without warning, and a thoughtful plan provides guidance in chaotic moments.

Disaster Recovery Plan

Like life insurance, a disaster recovery plan (DRP) is something you hope never to use but it definitely helps if something disastrous happens. A DRP addresses the possible risks to all your key systems, without which your business would have difficulty functioning. Whether a disaster caused by employees, criminal elements, or nature, preparedness is critical to returning your business back to full functionality.

Data Breach Notification

Companies that manage or possess customer or employee personal information are responsible for reporting theft or disclosure of that data. Each state and country has its own requirements for reporting a security breach of personal data. A data breach plan is designed to address the technical and administrative requirements before a data breach occurs so that the focus can stay on breach remediation.

User Access Management

User access controls, or lack of them, is a leading reason how cyber criminals can access business data. System and application access controls focus on keeping your user access list current and clean. This requires a focus on terminations, special privileges (admin rights), contractors, and regular reviews.

Privileged Access Management

Unwanted access into systems to abuse or steal valuable company data is usually accomplished using privileged accounts. Privileged accounts provide almost unlimited access to critical business systems and information. Actively managing privileged system access (PAM) is undoubtedly a key component of stopping cyber theft, ransomware, and other system attacks.

Cyber Security Plan

Securing your systems and applications from criminal cyber elements requires a structure that ensures key areas are consistently addressed. A cyber security plan focuses on risks, policies and procedures, training, and strategy planning.

Application Development Controls

Security holes in applications are sought by cyber criminal elements. Whether internal or external applications, security controls are needed to safeguard valuable information. Consistently adhering to basic application development controls reduces the possible vulnerabilities in your systems.

Policy Development

A policy is a documented management statement that identifies an important company issue and states why it needs to be done. Clear and concise policies provide all stakeholders with a good understanding of how your business wants to operate. Policy Development defines the guidelines for creating these solid policies. The lack of a comprehensive policy can sway a legal opinion and ruling. So it's critical to get the policy right from the beginning.

Policy Management

A successful policy clearly states the requirements for everyone operating within a business. Policy management defines how to maintain existing policies as circumstances change. A policy that does not match what is actually happening in your company is confusing to internal and external stakeholders. In some cases, inaccurate policies may have serious legal ramifications.

Enterprise IT Governance

Regardless of company size and products provided, information technology (IT) is the backbone that keeps it running. But often an IT function is not aligned with company goals. This results in mistrust, frustration, wasted money, and failed projects. IT enterprise governance focuses on aligning and blending IT requirements to keep the lights on and simultaneously work with the business to grow its value.