The Commonwealth of Australia just issued its Critical Infrastructure Risk Management Program (CIRMP) requirements. (1) Covered entities have until August 18, 2023, to start the implementation process. This piece looks at the CIRMP requirements. Continue reading
On August 8, 2023, the National Institute of Standards and Technology (NIST) issued an Initial Public Draft of The NIST Cybersecurity Framework 2.0. (1) This framework issued for public comment and review, updates Framework for Improving Critical Infrastructure Cybersecurity. Continue reading
This is the second of two articles submitted to CERM Insights at about the same time. This one deals with the Community Disaster Resilience Zone Act passed by the United States Congress on December 22, 2022. The other deals with the National Institute of Standards and Technology’s (NIST) Cyber Security Framework 2.0. Together they form a mosaic of the Biden Administration’s Risk Management push. Continue reading
On July 29, 2022, the International Financial Reporting Standards (IFRS), issued a draft report on Climate Related Financial Reporting. This piece looks at the draft and its relationship to Enterprise Risk Management (ERM). Continue reading
On October 27, 2022, The Association of Federal Enterprise Risk Management (AFERM) in conjunction with Guidehouse released the results of the eighth consecutive survey of federal agencies on their Enterprise Risk Management (ERM) efforts. This piece looks at the survey results. Continue reading