Companies, especially those with operations in multiple countries or regions, must stay on top of an ever-changing regulatory environment to manage risk and compliance. Some policies such as the European Union’s Digital Operational Resilience Act, are designed to strengthen IT security practices at financial institutions only, while others, like the EU’s General Data Protection Regulation or the U.S. Securities and Exchange Commission’s proposed cybersecurity rules, have broader reach.
Up-to-the-minute awareness of regulatory developments and their potential impact on a company’s business practices and overall risk profile is crucial, according to Devin Amato, global integrated risk management automation leader and U.S. digital automation and risk leader at Deloitte & Touche LLP. In a conversation with Workflow, he explained how moving essential processes out of spreadsheets and slide decks helps break down silos, which makes such awareness difficult across an entire organization.
This interview has been edited for length and clarity.