Risk Evolves reflections and predictions for 2019

Business Process and Standards, Cyber Security, Enterprise Risk Management, GDPR Critical Friend, GDPR Discovery Review, Supply Chain January, 19

Well, it’s that time of the year when we reflect on what happened in the previous 12 months and polish the Risk Evolves crystal ball to see whether we can predict what may happen in the future.

2018 was the year that saw the biggest change in data protection legislation and regulation in a generation, as the General Data Protection Regulation and UK Data Protection Act (2018) were introduced. At the same time, we saw an increase in phishing emails and in businesses succumbing to the hacks and data breaches that GDPR is trying to protect against!

Manage your Supply Chain – ‘No man is an island?’

Business Process and Standards, Cyber Essentials, Enterprise Risk Management, GDPR Discovery Review, Supply Chain August, 18

I don’t believe that any one of us working in any type of organisation, regardless of whether you’re a small business, a charity, a school or even a sole trader, can operate today without the products or services of a 3rd party provider. We may well have chosen to outsource our accountancy, HR, IT and compliance management requirements. Equally, our clients outsource to us, e.g. audit requirements, Data Protection Officer and so on. Our clients all have a dependency on us to deliver services. Here at Risk Evolves – we’re no different. We’re great examples of the fact that very few, if any, organisations can operate without the support of a 3rd party. A 3rd party could be providing IT, critical resource, logistics support, payroll services, catering, cleaning etc. And yet, how many of us step back and analyse exactly what we would do if one of those third parties wasn’t available one day? What would happen if they were to suffer a flood to their premises so that they couldn’t operate, if they were to go out of business, cease to provide the service that we are reliant on, or be acquired by another organisation? The list goes on.

So why bother with certifications?

Business Process and Standards, Enterprise Risk Management, GDPR Discovery Review June, 18

For anyone that’s met me, they’ll know that I’m passionate about the value of certifications and standards. Whether it’s Cyber Essentials, ISO9001, OHSAS18001, Safe Contractor, FORS – all have a value to a business. Some are international standards applicable across any industry, others are industry specific. Some may be a requirement in order to enter a supply chain and will be adopted grudgingly by an organisation. For organisations who just need the ‘certificate on the wall’, there is a likelihood that they are not realising the full benefits that adoption of a standard may bring.

GDPR Makes You Fat……and other scare stories

GDPR Discovery Review, Supply Chain, Virtual DPO May, 18

As we head towards GDPR day – May 25 – the number of scare stories about the new regulations seems to be spinning out of control.

The latest one claims half of businesses expect to be fined under the new rules: https://bit.ly/2IcnFYX . It is based on a survey which suggests businesses have put money aside in anticipation of a fine. In addition, we’ve heard of some sole traders who are so concerned about the regulations, they fear that they will need to close the shutters on their business.

The problem here is one of perception. Businesses may well be so worried that their way of dealing with the new regulations is to put money aside. But will they really be fined and does putting money under the mattress really help? The ICO has been clear on so many occasions – fines will be the last resort.

GDPR – We’ve Been Here Before (Haven’t We?)

Cyber Security, GDPR Discovery Review, Virtual DPO May, 18

The GDPR Parallels:

If we are honest, and that’s the best way to be, the GDPR has been a long time coming. The current data protection legislation was well overdue for modernisation. Most companies are already dealing with processes similar to the GDPR, but many may not have drawn those parallels. Once those parallels are recognised and acknowledged, bringing it into a business can be smoother than initially thought.

Every year as a nation we always seem to be surprised that things happen – like Christmas, or School Holidays, or Birthdays. Despite having plenty of advance notice they still creep up on us. Every time we also seem to have to reinvent the wheel – ‘this year I’ll do all my shopping online’, or ‘I’ll send a card from MoonPig as opposed to picking one up from the supermarket’. Yet deep down inside we all know what works best for us, what time and again has fitted in well to our time-starved lives to help us get through these challenges of life.

Data Protection – it’s a leadership issue [PRESS RELEASE]

Cyber Security, GDPR Critical Friend, GDPR Discovery Review, Virtual DPO November, 17

Leamington Cyber Security Company teams up with World Leading Management Accountants to produce film on protecting Business Data.

Video link: https://www.riskevolves.com/#video

The Leamington based cyber security and risk management company, Risk Evolves, has teamed up with CIMA, the world’s leading, and largest, professional body of management accountants, to produce a film on how businesses can protect their data from a cyber attack.

Who Is Responsible For GDPR?

Cyber Security, GDPR Critical Friend, GDPR Discovery Review, Supply Chain, Virtual DPO August, 17

Just who is responsible for GDPR in a company?… Everyone starting at board level down…

GDPR In The Press

There was a flurry of press coverage, interviews, radio and TV coverage recently as the ICO began their campaign to make businesses and other organisations aware that there are now fewer than 200 working days until the EU General Data Protection Regulation (EU GDPR) and the new UK Data Protection Act become law on the 25th May 2018.