2021 will be the year topics related to Environmental, Social, and Governance (ESG) risks finally command the attention in U.S. board rooms they have received elsewhere across the globe. Boards will also be focused on the question of how to best measure progress...
Tone at the Top
Best Practices For Board Risk Committees
In partnership with Women Corporate Directors, The Santa Fe Group (managing entity of Shared Assessments) has explored the need for Board Risk Committees through a two-part webinar series. This blogpost describes the case for Board Risk Committees (BRC) and summarizes...
5 Ways To Strengthen Board’s Relationship With Cybersecurity
Cybersecurity’s emergence as a strategic risk has instilled the relationship between chief information security officers (CISOs) and board members with greater importance -- and higher stakes. Fostering a stronger cybersecurity capability requires directors to take...
5 Ways CISOs Can Deepen Board Relationships
Cybersecurity has swiftly become a strategic risk and a top boardroom concern. This shift has elevated the importance of the relationship between a company’s chief information security officer (CISO), or similar information technology (IT) executive, and its board --...
Cybersecurity: 4 Board-Level Trends
Consulting magazine recently interviewed Santa Fe Group Chairman and CEO Catherine Allen for an article examining cybersecurity challenges and related consulting trends. During the discussion, Catherine shared her insights on current cybersecurity issues, related...
Failed Risk Controls – The Wells Fargo Saga, Part Two
By: Bob Jones, Senior Advisor, The Santa Fe Group, Shared Assessments Program and Gary Roboff, Senior Advisor, The Santa Fe Group, Shared Assessments Program. The Sales Practices Report released by the Board of Wells Fargo on April 10th provides an extraordinary...
Strengthening Third Party Risk Management with Agnostic Program Tools
Third party mishaps resulting in breaches and other newsworthy events continue to drive home the need for improved risk management program capabilities in all verticals. From planning for engagement, through due diligence and vendor selection, contract negotiations,...
Tone At The Top: Culture Counts — The Wells Fargo Saga
“Tone at the Top” has become an often-quoted mantra in business circles but it appears to have shed a rather dim light when evidenced by the continuing saga at Wells Fargo. In a nutshell - in case you haven’t followed the recent news reports - the San Francisco-based...
Wrestling with Vendor & Incident Response Management
I’m sitting in the bleachers watching my sophomore son wrestle in an all-day varsity tournament. As the bodies tangle, each wrestler is looking to expose and act on their opponent’s vulnerability. As I thought about strategy I realized this process is similar to...
2016 Tone at the Top and Third Party Risk: Upcoming Report from the Ponemon Institute and Shared Assessments
The Shared Assessments Program sponsored a new study, conducted by the Ponemon Institute, which explores the role of executives in the risk management process in order to determine the role of Tone at the Top in minimizing business risks within organizations. The new...