Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt. Do you:

a) spend countless hours rebuilding from backups (if you were diligent enough to ensure they'll work) or

b) pay the perpetrator to unlock your files?

Now that ransomware is spreading like wildfire through malicious emails, "malvertising" campaigns, and exploit kits, many firms and individuals face this exact scenario.

In our two most recent posts in this series, we addressed the first two phases of Risk Assessment: Risk Identification and Risk Analysis. This post looks at the final phase, Risk Evaluation.

Errors and even outright fraud in certificates of insurance is a growing problem. We encounter a 70% noncompliance rate on initial documents.

The certificate of insurance compliance function protects a company by ensuring that its contractors have appropriate types and amounts of insurance coverage. The burden of this compliance process is often underestimated.

Risk Analysis is the second of three phases that make up a Risk Assessment.

What are the other two phases?

More than 80% of companies don’t manage risk effectively. Is yours one of them?

A 2014 survey by a non-profit business research firm found that fewer than 20 percent of executives say their companies effectively manage risk. Companies will often have a process in place to identify and monitor risks. But they fall short when it comes to actually implementing practices to manage those risks as part of the overall strategic plan.

Risk Identification is the first of three phases that make up a Risk Assessment.

There may be a number of times that you’ve considered evaluating your company’s insurance broker for various reasons, including:

• Ensuring a sense of confidence and peace of mind that the broker who is working with you is, in fact, working in your best interests and delivering the best solutions for your firm’s coverage;
• Conducting your standard vendor evaluation, or;
• You are frankly not satisfied with your current insurance broker’s services and looking to identify alternatives.

When looking for coverage for Foreign Corrupt Practices Act (FCPA) costs, the Directors and Officers (D&O) Policy is often the first stop. It appears to be the policy most applicable, because it defends against complaints of wrongdoing. However, to get significant protection from FCPA costs a D&O policy has to be significantly modified.

Just by the moniker, Directors and Officers Policy, you know that the coverage is intended to be limited to a collection of individuals running the entity, not the entity itself. The first modification to look for is “Side C” coverage or the equivalent language indicating that the entity will be covered in the case of FCPA matters.