Risk – it’s most detrimental when you don’t see it coming. Running any size business means anticipating and accepting some risks and establishing controls to mitigate others. Risk often originates ...

Your risk and compliance functions are probably costing you more than they should. Not just in budget, but in drag. When your functions are siloed, they create redundant work, blind spots and a bad ...

The Defense Department's plan to adopt NIST's risk management framework means that, for the first time, defense, intelligence and civilian federal agencies will use the same set of risk management ...

The National Institute of Standards and Technology posted the newest update to its Risk Management Framework. “RMF 2.0 is the first framework in the world to address security, privacy, and supply ...

The Army is launching Project Sentinel to adapt the current Risk Management Framework (RMF) process into a streamlined threat-informed risk decision process. The Army adopted the Risk Management ...

Following Black Hat and revelations about the lack of security on medical devices, I asked one of our information security gurus, Mike Johnsen, for his input on the possibility of a risk management ...

The Committee of Sponsoring Organizations of the Treadway Commission released a long-awaited update Wednesday to its ERM Framework: Enterprise Risk Management–Integrating with Strategy and Performance ...

Get the latest federal technology news delivered to your inbox. The need for effective cybersecurity in the federal government is more important now than ever before. Dr. Ron Ross, fellow at the ...

The A-D-A-E framework is a governance model that injects ESG accountability, enterprise risk management, regulatory ...

Global cyberattacks have risen sharply over the last few years, increasing by 38% in 2022, according to Check Point. Combine this with the increasing cost of a data breach, averaging $9.44 million in ...

Moving the Defense Department's authorization process for IT systems from the DOD Information Assurance Certification and Accreditation Process to the Risk Management Framework was supposed to provide ...