Risks in 2022

2020-03-02

If risks were considered a key part for internal auditors, in 2022 risks are a must. Audits should be risk-based and agile, responding to emerging risks. For this year, top risks include:

Risks in 2022

  1. Cybersecurity and data privacy: we are moving to a digital era and by doing it, this risk increases. The reason: information and data have more value than gold. The challenge: to minimize it since the criminals are evolving and increasing sophistication to attack their targets. Cybersecurity in any company should include protection against attacks and data leakage. Key controls: intrusion tests done by experts, update the software on a regular basis, block bogus emails and train people to recognize phishing attacks.
  2. Third parties: the risk starts when that third party works with other sub-contractors. Usually, the company has no contract or contact with the sub-contractor and mainly relies on what the third party has done as due diligence. The reality: anything that happens with sub-contractors can affect the company; such as hiring minors, exploiting people, deplorable workplace conditions. Key controls: review any outsourcing arrangements with a risk-based approach, include in the contract the right to audit third parties and sub-contractors, and at least once a year, carry out surprise audits. Key point: That the company understands the extent to which it is exposed to third parties.
  3. Brand value and reputation: corruption, fraud, cyber-attacks can have a lasting impact on a company’s reputation and the value of its brand. Reputational risk is like an earthquake: we can know where the epicenter was, but we can’t know for sure how far its consequences are. Even a poorly managed comment on social media can harm the brand. Key controls: complying with regulations, effective audits, training and addressing issues properly so they won’t be repeated again.

 

 

Monica Ramirez Chimal

By Mónica Ramírez Chimal - International Speaker & Trainer, Writer, Consultant-Partner at Asserto RSC

Linkedin Logo twitter logo

 





Get a feel for our events

Viral Clearance MasterClass

Viral Clearance MasterClass

03 - 04 October, 2022

Viral Clearance online masterclass will give an overview of the sources and impacts of viral contaminations of biotherapeutics.

Advanced CMC MasterClass - US Edition

Advanced CMC MasterClass - US Edition

05 - 06 October, 2022

 This training will present Technical and regulatory requirements for developing a medicinal product which are becoming stricter every day, the products themselves become more and more complex.

Implementation of ISO 13485 MasterClass

Implementation of ISO 13485 MasterClass

10 - 11 October, 2022

This MasterClass shall describe the general increase in combination products and in particular products now regulated by both drug and medical device regulation.

check all pharma events