Risk management

  • If you hold a C-Suite title then PwC invites you to participate in our annual State of the Internal Audit Profession and Risk in Review Survey

    11/20/14 | Risk Assurance

    Over the years, thanks to the input of thousands of executives from a number of sectors and territories, we have gained significant insight into how organizations are addressing the evolving risk landscape. The findings are published in both PwC's State of the Internal Audit Profession Study and our Risk in Review Study.

  • Cure for the common culture: How to build a healthy risk culture

    11/19/14 | Financial Services Institute

    What does it take to build a sustainable risk-resistant culture? We surveyed global banking leaders to find out.

  • The CMO’s role in privacy: Are your marketing programs affecting your brand?

    11/10/14 | Risk Assurance

    Organizations often use customer information collected online to understand and effectively target consumers. This process requires not only the attention of the chief privacy officer, but also the chief marketing officer. Almost daily, news headlines underscore the importance of this with data breaches becoming commonplace. For consumers to provide complete and accurate information, they must know they can trust your organization.

  • Rethinking media auditing and benchmarking pools

    11/10/14 | Risk Assurance

    Knowing how your advertising spend compares to that of your competitors is an important benchmark that allows you to save money; and using media auditing and benchmarking pools is the definitive way to do this. Or is it? It’s time to question the value of these pools.

  • Present and functioning: Fine-tuning your ICFR using the COSO update

    11/7/14 | Risk Assurance

    With the COSO’s 1992 Control Framework being superseded by the 2013 updated edition on December 15, 2014, now is the time for companies to use the updated framework to evaluate the effectiveness of their systems of internal control over financial reporting. This paper talks through the updated framework and these competencies to evaluate the effectiveness of companies’ systems of internal control over financial reporting.

  • Fortified for success - Building your company’s risk, controls and compliance ecosystem, for the IPO and beyond

    11/5/14 | Risk Assurance

    Going public is a transformational event that pushes a company into view of regulatory, investor, and analyst scrutiny. Companies that delay getting their risk management, compliance and compliance infrastructure in order until after the IPO may be jeopardizing their ability to reap the full benefits of going public. This paper lays out steps that will help companies establish a foundation and cover the company’s critical risks and controls, both pre-and-post IPO.

  • The Global State of Information Security Survey 2015

    10/23/14 | Advisory services

    The Global State of Information Security® Survey 2015 is a worldwide study by PwC, CIO, and CSO. Security breaches are on the rise, and it is no surprise to find that as the number of information security incidents continues to mount, so do financial losses. Survey respondents in 2014 report that the number of detected incidents soared to a total of 42.8 million, a 48% leap over 2013. This increase comes at great cost: Total financial losses attributed to security compromises increased 34% over 2013.

  • How investors are shaping corporate boards today and into the future

    10/22/14 | PwC Investor Resource Institute

    Successful investors continually look around the corner to anticipate the next challenge and the next opportunity, both today and tomorrow. And investors expect the companies they invest in to be similarly forward thinking. So what’s important to investors, and what do they expect of corporate directors? Our second annual survey takes a look.

  • Webcast
    The European Data Protection Regulation: What this means for US businesses - November 4, 2014

    Risk Assurance

    The proposed General Data Protection Regulation, which is currently proceeding through the European legislature, would introduce widespread data protection changes and greatly increase financial sanctions for noncompliance. These changes are likely to raise significant challenges in regard to data protection compliance for all businesses (regardless of the location of their establishments) that operate or provide goods and services within the European Union (EU). During the webcast, Jay, Stewart and James will discuss the changes the new law would introduce, its current status and how US companies can prepare.

  • Metrics by design - A practical approach to measuring internal audit performance

    10/1/14 | Risk Assurance

    As leading internal audit functions have transformed to meet increasing expectations, metrics have become a critical tool for Internal Audit to demonstrate its value to the organization and drive its performance against stakeholder expectations. Building on key findings from PwC’s 2014 State of the Internal Audit Profession study, this paper explores how internal audit functions can leverage metrics to both communicate the value they are providing as well as drive results.

  • Goods gone bad: Addressing money-laundering risk in the trade finance system

    10/1/14 | Risk Assurance

    The rise of trade-based money laundering presents direct financial, reputational, and compliance risk to the financial services companies, banks, and global trade organizations that provide and utilize trade finance. Financial firms can address these increased AML challenges by leveraging analytics and statistical transaction monitoring techniques to identify information, trends, connections, and anomalies indicative of trade-based money laundering schemes.

  • Insurance board of directors' risk responsibilities: Guidance from global regimes

    9/30/14 | Insurance

    At the present time, no two developments in the insurance sector seem more entwined than risk and regulation, and nowhere is this interaction more evident than in developing regulatory expectations for insurers’ boards of directors. While regulators still seem far apart in their search for a single global capital regime, they are much closer to a consensus on terms of governance.

  • The new digital ecosystem reality: Managing risk to enable strategy

    9/24/14 | Technology

    Being aware of risks is one thing; taking specific action to address them head on is another. Many companies have tended to look at risk management as something they should react to, rather than something that they should build into the company culture.

  • Is your organization conflicted?

    9/16/14 | Advisory services

    Organizational Conflicts of Interest pose reputational, legal, regulatory and financial risks - and they are very difficult to detect. Without resorting to overly intrusive procedures, how can organizations manage the risks posed by Conflicts? This white paper discusses some of those risk-mitigation techniques, and how they might apply in your organization.

  • Managing the Shadow Cloud - Integrating cloud governance into your existing compliance program

    9/10/14 | Risk Assurance

    The world of computing has changed, and executives have begun to realize that shadow cloud activity cannot be ignored. At the same time, realizing the benefits of the cloud with more confidence about the risks and rewards depends on knowing how to prudently say “yes” to the cloud.

  • Fighting a growing threat: Retail and consumer goods sector analysis of PwC’s 2014 Global Economic Crime Survey

    8/12/14 | Retail & consumer

    Retail and consumer goods companies are experiencing greater levels of economic crime. Nearly half of respondents say their company has experienced this type of event in the last two years. By far the most commonly reported type of economic crime for the sector is asset misappropriation, while other common types of fraud included bribery and corruption, accounting fraud and cybercrime.

  • EU Data Protection Reform The challenges and benefits of compliance for businesses

    7/31/14 | Risk Assurance

    The passage of the General Data Protection Regulation that is proceeding through the European legislature is likely to raise significant challenges in regard to data protection compliance for all businesses that operate or provide goods and services within the European Union. With passage likely, proactive companies are taking steps today that will help them prepare to comply with future requirements.

  • PwC Cash Investment Survey Report

    7/10/14 | Advisory services

    Survey results identified trends in corporate cash investment management practices and highlighted potential opportunities for improvement.

  • Deeper insights for greater strategic value: Oracle Advanced Controls (GRC) Study

    6/2/14 | Risk Assurance

    GRC Technology has become an increasingly critical factor for driving value (i.e., recovering profitability, increasing efficiency, detecting fraud, etc.) and automating manual compliance and risk management activity in the enterprise. Organizations have increased their adoption of Oracle Advanced Control (“AC”) to improve the oversight of corporate governance, including financial reporting compliance, enterprise risk management (ERM), and related audits. To better understand organizations’ awareness and how organizations are using (or considering using) Advanced Controls technology to drive value in an enterprise, PwC conducted an Oracle Advanced Controls study.

  • Beyond compliance: Creating a new norm in gas pipeline leak management

    5/28/14 | Power & utilities

    In the new norm, leak survey is no longer viewed simply as a compliance activity—it is integrated with risk assessment, work identification, and investment planning to transform integrity management and enhance pipeline safety.

  • Webcast
    Data at Risk. Protecting your intellectual property within SAP - November 13, 2014

    Risk Assurance

    PwC's SAP practice invites you to attend the ‘Data at Risk! Protecting your intellectual property within SAP' webcast to find about leading practices to classify, identify and protect sensitive data within SAP systems.

  • Cure for the Common Culture: Building Effective Risk Cultures at Financial Institutions

    4/15/14 | Financial Services Institute

    What are the best ways for financial services firms to establish an effective risk culture? We share some tips to keep your culture clean and clear of regulatory risk.

  • 10Minutes
    10Minutes on data privacy

    2/26/14 | Advisory services

    Data protection and privacy is an urgent issue for both consumers and businesses. As customers increasingly worry whether their personal information is secure and used appropriately, companies are also concerned about protecting data and their brand. This 10Minutes highlights the importance of viewing consumer privacy from more than just a compliance lens and developing a strategy and action plan that will help businesses lead on data privacy by building customer trust and enhancing their brand.

  • Global Economic Crime Survey, 2014: Key Highlights from the U.S.

    2/20/14 | Forensic services

    From cybercrime to corruption, most economic crimes reported are on the rise. What does this mean for your business? Read the key highlights from the U.S.

  • Empowering business agility: Strengthening Internal Audit’s impact and value

    2/4/14 | Power & utilities

    Findings from the eighth annual survey of power and utilities chief audit executives.

  • The Internal Audit Analytics Conundrum—Finding your path through data

    1/21/14 | Risk Assurance

    Business development during recent decades has involved extensive use of technology designed to drive business competitiveness and expand new business horizons. Integrating data analytics into your Internal Audit approach can help you achieve your audit objectives in a more reliable and cost-effective way. This white paper highlights what Internal Audit can be doing to help utilize analytics across their audit plan.

  • Webcast
    Aligning your GRC solution with the revised COSO Internal Control-Integrated Framework webcast - January 28, 2014

    Risk Assurance

    PwC's Risk Assurance Group invites you to attend this webcast to learn how to improve the alignment of your GRC Solution to the updated COSO Internal Control Framework.

  • 10Minutes
    10Minutes on service provider transparency

    12/10/13 | Risk Assurance

    Businesses depend on service providers to handle confidential data, run essential business processes, and manage critical technology. This can leave businesses vulnerable to service provider breakdowns. The result can be the providers’ clients violating regulations and even losing customer trust. Yet many businesses may know less than they realize about their service providers’ controls. This 10Minutes discusses how SOC 2 and SOC 3 reports can give businesses the picture they need to have solid confidence in their service providers.

  • Defending yesterday: Key findings from The Global State of Information Security® Survey 2014

    10/21/13 | Advisory services

    While organizations have made significant security improvements, they have not kept pace with today’s determined adversaries. As a result, many rely on yesterday’s security practices to combat today’s threats. The results of this survey show that executives are heeding the need to fund enhanced security activities and have substantially improved technology safeguards, processes, and strategies.

  • Retail & Consumer KnowledgeBrief: Technical and Quality Newsletter

    10/1/13 | Retail & consumer

    What are the technical and reporting issues impacting retail and consumer products companies? PwC's Retail & Consumer KnowledgeBrief provides insights and summaries on restructuring comment letter trends and disclosure reminders, data protection, conflict minerals, the Patient Protection and Affordable Care Act, and more.

  • PwC’s 2013 Investor Survey

    9/25/13 | PwC Investor Resource Institute

    What most concerns investors? What do investors expect of corporate directors? How do investors view the current quality of corporate disclosures? We asked investors about these issues, and the message received is clear: Investors want to know more about the risks that companies have identified, and how they are managing them. And investors are looking for more information.

  • 10Minutes
    10Minutes on whistleblower reform

    7/15/13 | Center for Board Governance

    Whistleblower reform is having significant impact. The SEC’s Office of the Whistleblower has one full year of operation under its belt, and with it 3,001 tips and two awards to date. Leading companies are looking closely at the Office’s first-year report and drawing lessons for building stronger ethics and compliance programs. They’re also considering what it takes to create a highly ethical culture. This 10Minutes highlights the importance of having an ethical culture at the workplace.

  • 10Minutes
    10Minutes on why the COSO Update deserves your attention

    5/14/13 | Risk Assurance

    COSO has published a PwC-authored update to its framework, the first in over 20 years, which gives you an opportunity to refresh your controls for today's environment.

  • Dataline
    Dataline: COSO issues the updated Internal Control-Integrated Framework and related illustrative documents (No. 2013-09)

    5/14/13 | Assurance services

    On May 14, 2013, COSO published an updated Internal Control-Integrated Framework and related illustrative documents. This Dataline highlights noteworthy updates to the Framework, summarizes the purpose of the illustrative documents, and highlights key considerations for clients.

  • 10Minutes
    10Minutes on conflict minerals

    5/9/13 | Assurance services

    10Minutes on conflict minerals provides insight into the strategic benefits and risks companies will want to focus on as they comply with the SEC's conflict minerals rule. The rule is effective for 2013 calendar year operations, so regardless of whether companies view conflict minerals as a supply chain opportunity, risk to their brand or another regulatory to-do, they should act now to prepare.

  • M&A snapshot
    Financial risk management considerations in an acquisition (M&A snapshot)

    12/13/12 | Assurance services

    The acquisition of a business can have a significant impact on both the risk exposures and risk management strategies of the combined entity. In many cases, an acquirer’s financial risk exposure will increase as a result of the acquisition. However, there may be situations in which the acquiree’s operations reduce the acquirer’s current risk exposure. In any event, identifying potential changes in enterprise risks, creating an action plan to address them, and managing changes to risk management strategies post-acquisition are critical to developing short- and long-term solutions for integrating financial risk management considerations in an acquisition.