Risks in 2022

2020-03-02

If risks were considered a key part for internal auditors, in 2022 risks are a must. Audits should be risk-based and agile, responding to emerging risks. For this year, top risks include:

Risks in 2022

  1. Cybersecurity and data privacy: we are moving to a digital era and by doing it, this risk increases. The reason: information and data have more value than gold. The challenge: to minimize it since the criminals are evolving and increasing sophistication to attack their targets. Cybersecurity in any company should include protection against attacks and data leakage. Key controls: intrusion tests done by experts, update the software on a regular basis, block bogus emails and train people to recognize phishing attacks.
  2. Third parties: the risk starts when that third party works with other sub-contractors. Usually, the company has no contract or contact with the sub-contractor and mainly relies on what the third party has done as due diligence. The reality: anything that happens with sub-contractors can affect the company; such as hiring minors, exploiting people, deplorable workplace conditions. Key controls: review any outsourcing arrangements with a risk-based approach, include in the contract the right to audit third parties and sub-contractors, and at least once a year, carry out surprise audits. Key point: That the company understands the extent to which it is exposed to third parties.
  3. Brand value and reputation: corruption, fraud, cyber-attacks can have a lasting impact on a company’s reputation and the value of its brand. Reputational risk is like an earthquake: we can know where the epicenter was, but we can’t know for sure how far its consequences are. Even a poorly managed comment on social media can harm the brand. Key controls: complying with regulations, effective audits, training and addressing issues properly so they won’t be repeated again.

 

 

Monica Ramirez Chimal

By Mónica Ramírez Chimal - International Speaker & Trainer, Writer, Consultant-Partner at Asserto RSC

Linkedin Logo twitter logo

 





Get a feel for our events

Process Validation for Biotechnological Products - EU edition MasterClass

Process Validation for Biotechnological Products - EU edition MasterClass

07-08 February, 2023

This MasterClass will provide best understanding on how process validation for biotechnological processes, which is the collection and evaluation of data from the process design stage through commercial production.

Good Clinical Practices - US edition MasterClass

Good Clinical Practices - US edition MasterClass

07-08 February, 2023

This online practical course provides an in-depth understanding of GCP requirements and their practical implications.

Pharma Good Distribution Practice - EU edition MasterClass

Pharma Good Distribution Practice - EU edition MasterClass

09-10 February, 2023

This informative training with two RP’s / RPI’s for all things GDP.

check all pharma events