Risk, Compliance & GRC Thought Leadership.
Risk, Compliance and GRC Perspectives and Reflections.
Continuity has deep expertise across these critical domains: regulatory, banking and technology. This puts us in the forefront — as thought leaders helping you solve risk and compliance management problems, effectively and efficiently. Our blog is authored by former regulators and bankers. They cover an array of risk and compliance issues facing the financial industry today.
Continuity's CEO Provides Update to Clients
Continuity’s CEO Provides Update to ClientsValued Continuity Clients & Stakeholders: As this COVID-19 pandemic scenario continues to unfold I wanted to provide you all with a quick update from your trusted Compliance & Risk Management technology provider. In alignment with our name, Continuity has been functioning in a pandemic operating mode for more than two weeks now. Our entire staff
A Message from Continuity's CEO
A Message from Continuity’s CEOGreetings to all Continuity Clients:First and foremost I want to thank you again for the continued support and collaborative relationship with Continuity and our team over the years. You are our most important stakeholders and your success is our success.My guess is that you have been inundated with email and social
How do I Implement ERM?
Derek Yankoff, Chief Strategy Officer What does ERM do, actually? Defines and assigns Risk Values (i.e., Inherent Risk, Threats, Vulnerabilities, Annual Rates of Occurrence, Annual Loss Expectancy, Risk Appetite, Risk Tolerance, and Audit Frequency) for every Subject to be assessed. Provides ‘use cases’ that give context to the Subjects to be assessed by risk owners
Don’t Confuse a Control Risk Assessment with an Enterprise Risk Assessment
Derek Yankoff, Chief Strategy Officer In managing the internal audit function, the institution’s Audit Committee is responsible for commissioning a Control (or “Auditor’s”) Risk Assessment, developing audit plans and the overseeing the execution of the audit program. A Control Risk Assessment documents the internal auditor’s or outsourced audit service provider’s understanding of the institution’s significant