We are proud to be premium sponsors at the GRC Conference in Stockholm, a place to be inspired with plenty of talented GRC professionals sharing their knowledge. At Transcendent Group we have a lot of exciting assignments and our senior consultants utilize years of experience from the industry, leading to plenty of stories with knowledge and insights, and good stories are meant to be told. Thank you to everyone who attended our sessions during the conference and for all the great discussions in our booth!
Kevin Aytap – a saga from the real world – what i read and couldn’t believe was real, came true.
Most of us probably read surveys and trends from large consulting firms, storytelling about unbelievable fraud cases and security flaws happening somewhere far away from your own reality. And most of us probably have the experience of trying to use those examples to increase the organizations awareness, when your colleagues politely looks at you wondering if you have read to much fiction books and are too paranoid. How do you take your concern from that point to actually implement internal controls that deter fraudulent activities?
Fredrik Eriksson – How to manage your cyber risks in the era of digitalization
Currently the majority of our companies are facing new challenges with their new digital business models. One is Cyber security. An area that previously has been closely linked to IT but is now a big part of the core business due to the digitalization. This implies a huge effect on how cyber risks are managed and how the responsibilities are shared within the organization. Hence, an organizations different functions must work together to set up a holistic defense for cyber threats, gain synergies, and maintain and manage competence, all to enable digital business value. This session will be an introduction in how this can be achieved and what some of the challenges are when orchestrating a risk management framework to protect the traditional IT organization and your digital business products and services.
Shaun Reardon – It´s not your fault but…an investigation is a risk worth mitigating
Shaun Reardon is a senior consultant at Transcendent Group in Trondheim, Norway. He was a detective at Scotland Yard in London for over 26 years specializing in cyber investigations, economic / complex crime and intelligence. He was the lead technical investigator into the attempt to simultaneously blow up 7 transatlantic airliners in 2006. Shaun has also consulted on crisis management within Norway.
His presentation is titled “It´s not your fault but…an investigation is a risk worth mitigating” Using his global experiences in terrorism, espionage and crime he examines some of the stages leading to unwanted events such as the motivations of bad actors, the planning leading to unwanted events and the negative impact of an investigation on an affected business.
The main message is that by applying and integrating appropriate intelligence techniques into most aspects of Governance, Risk and Compliance activities, there exist opportunities to identify and implement comprehensive controls to mitigate the effects of an incident.
New guidelines on internal governance for credit institutions and investment firms are effective as of 30th of June this year. These guidelines emphasize risk management and require that a sound risk culture is implemented. This implies that everyone within a company, from board level to the individual employee, should be able to understand, explain and manage risks inherent in the business model.
When the European Banking Authority (EBA) published the preceding guidelines in 2011, the implementation required an extensive amount of work within the financial industry. The effort required to implement these new guidelines is highly dependent on the general maturity of the organization regarding internal governance.
Our aim is to provide an overview of the new requirements and provide some thoughts around which actions that should be taken and how to prioritize them.