Risk Pulse

View all data →
Trade Policy
7.7%

US Effective Tariff Rate

Highest since 1947. IEEPA ruling may reduce to 6.0% in 2026.

Supply Chain
−75%

Suez Canal Container Traffic

Collapse since Houthi attacks. Still 49% below pre-crisis levels.

Logistics
+47%

Asia-US Transit Time Increase

Cape of Good Hope rerouting extends SE Asia to US East Coast shipping.

ESG Regulation
36

ISSB Adopting Jurisdictions

Sustainability disclosure standards now live across 36 jurisdictions globally.

Risk, Resilience, Compliance — Without the Jargon.

Latest Analysis

View all articles →
business continuity management program hub showing policy, BIA, strategy, plans, and exercise layers
BCM

The Business Continuity Management Program: A Complete Hub for Practitioners

A business continuity management program is what separated the airlines on July 19, 2024, when a defective CrowdStrike update crashed 8.5 million Windows machines and cost the Fortune 500 an estimated $5.4 billion. Delta alone absorbed $500 million and days of cancellations, while competitors flying the same software recovered over a weekend. The gap was ... <a title="The Business Continuity Management Program: A Complete Hub for Practitioners" class="read-more" href="https://riskpublishing.com/business-continuity-management-program/" aria-label="Read more about The Business Continuity Management Program: A Complete Hub for Practitioners">Read more</a>

Chris EkaiJul 17, 202612 min read
key risk indicators directory with traffic-light gauge from target to breach
ERM

Key Risk Indicators: The Complete Directory for Risk Practitioners

Key risk indicators earn their board seat every time an institution fails with the warnings already written down. When Silicon Valley Bank collapsed in March 2023 holding $209 billion in assets, the Federal Reserve’s own review counted 31 unaddressed supervisory findings, roughly triple the average at peer banks. The indicators existed; the response did not. ... <a title="Key Risk Indicators: The Complete Directory for Risk Practitioners" class="read-more" href="https://riskpublishing.com/key-risk-indicators-directory/" aria-label="Read more about Key Risk Indicators: The Complete Directory for Risk Practitioners">Read more</a>

Chris EkaiJul 17, 202612 min read
risk assessment
Risk Assessment

The Complete Risk Assessment Guide: Methods, Templates, and Frameworks

Risk assessment failures now carry ten-figure price tags. On October 10, 2024, TD Bank agreed to pay about $3.09 billion across coordinated resolutions, including FinCEN’s record $1.3 billion penalty and a $450 million OCC action, after regulators found its monitoring left 92% of transaction volume unassessed. That unmonitored slice totaled roughly $18.3 trillion between 2018 ... <a title="The Complete Risk Assessment Guide: Methods, Templates, and Frameworks" class="read-more" href="https://riskpublishing.com/complete-risk-assessment-guide/" aria-label="Read more about The Complete Risk Assessment Guide: Methods, Templates, and Frameworks">Read more</a>

Chris EkaiJul 17, 202612 min read
NIST vendor risk assessment questionnaire hero showing a checklist card with passing and failing control checks on a navy gradient
Risk Assessment

NIST Vendor Risk Assessment Questionnaire: 40 Mapped Questions

On February 21, 2024, drug distributor Cencora discovered attackers had been inside its systems stealing patient data it processed for pharmaceutical manufacturer clients. By September, Bloomberg reported the company had paid $75 million to the Dark Angels gang, the largest ransom payment on record. A NIST vendor risk assessment questionnaire exists to catch that exposure ... <a title="NIST Vendor Risk Assessment Questionnaire: 40 Mapped Questions" class="read-more" href="https://riskpublishing.com/nist-vendor-risk-assessment-questionnaire/" aria-label="Read more about NIST Vendor Risk Assessment Questionnaire: 40 Mapped Questions">Read more</a>

Chris EkaiJul 15, 202614 min read
Risk management KPI dashboard hero showing four metric tiles, RAG dots, a sparkline, and a red limit breach on a navy gradient
ERM

Risk Management KPI Dashboard: How to Build One in Excel

On July 10, 2024, the Federal Reserve fined Citigroup $60.6 million and the OCC added $75 million more, a combined $135.6 million, for failing to fix risk data and reporting weaknesses first ordered closed in October 2020. The regulators’ language was blunt: the bank had made insufficient progress on data quality management. A risk management ... <a title="Risk Management KPI Dashboard: How to Build One in Excel" class="read-more" href="https://riskpublishing.com/risk-management-kpi-dashboard/" aria-label="Read more about Risk Management KPI Dashboard: How to Build One in Excel">Read more</a>

Chris EkaiJul 15, 202613 min read
Monthly Geopolitical Risk Report: Template, Structure and Example
ERM

Monthly Geopolitical Risk Report: Template, Structure and Example

General Motors booked $3.1 billion in tariff costs during 2025, close to a quarter of its earnings before interest and taxes. Ford chief executive Jim Farley summed up the year for analysts as a season of chaos, and his company’s own tariff bill still landed near $1 billion. A monthly geopolitical risk report is how ... <a title="Monthly Geopolitical Risk Report: Template, Structure and Example" class="read-more" href="https://riskpublishing.com/monthly-geopolitical-risk-report-template/" aria-label="Read more about Monthly Geopolitical Risk Report: Template, Structure and Example">Read more</a>

Chris EkaiJul 14, 202614 min read
sanctions screening in third-party risk management guide on a navy riskpublishing.com hero with a screening-list motif and one flagged red entry
Risk Assessment

Sanctions Screening in Third-Party Risk Management

On November 21, 2023, OFAC announced a $968,618,825 settlement with Binance, the largest in the agency’s history, hours after chief executive Changpeng Zhao pleaded guilty in a Seattle courtroom. Across Treasury, DOJ, and CFTC, the package reached $4.3 billion. Binance failed to screen its own customers, but the same statutes reach every US company’s suppliers, ... <a title="Sanctions Screening in Third-Party Risk Management" class="read-more" href="https://riskpublishing.com/sanctions-screening-third-party-risk-management/" aria-label="Read more about Sanctions Screening in Third-Party Risk Management">Read more</a>

Chris EkaiJul 8, 202612 min read
Critical Supplier Identification and Tiering Methodology
Risk Assessment

Critical Supplier Identification and Tiering Methodology

At 12:09 a.m. Eastern on July 19, 2024, a faulty CrowdStrike Falcon update began knocking 8.5 million Windows devices offline, and Delta Air Lines spent the next five days canceling roughly 7,000 flights. Chief executive Ed Bastian put the bill at $500 million, and Delta sued CrowdStrike that October. By procurement’s math, CrowdStrike was a ... <a title="Critical Supplier Identification and Tiering Methodology" class="read-more" href="https://riskpublishing.com/critical-supplier-identification-tiering/" aria-label="Read more about Critical Supplier Identification and Tiering Methodology">Read more</a>

Chris EkaiJul 7, 202613 min read
SaaS vendor risk assessment guide on a navy riskpublishing.com hero with a cloud and app-tile motif, covering shared responsibility and OAuth exposure
Risk Assessment

SaaS Vendor Risk Assessment: Cloud-Specific Evaluation

On August 20, 2025, Salesloft and Salesforce revoked every live OAuth token for the Drift chat application after the threat group UNC6395 spent ten days exporting data from more than 700 corporate Salesforce environments. Cloudflare, Zscaler, and Palo Alto Networks all confirmed exposure, and not one of them had been breached directly. Every victim inherited ... <a title="SaaS Vendor Risk Assessment: Cloud-Specific Evaluation" class="read-more" href="https://riskpublishing.com/saas-vendor-risk-assessment/" aria-label="Read more about SaaS Vendor Risk Assessment: Cloud-Specific Evaluation">Read more</a>

Chris EkaiJul 7, 202615 min read
supply chain risk heat map guide on a navy riskpublishing.com hero with a 3x3 heat map motif, covering the 5x5 build and refresh cadence
ERM

Supply Chain Risk Heat Map: How to Build and Maintain One

At 1:29 a.m. on March 26, 2024, the container ship Dali lost power and brought down Baltimore’s Francis Scott Key Bridge, closing the top US auto port for 11 weeks. Maryland lost roughly $15 million a day, and almost no supply chain risk heat map in the country had that bridge on it. The gap ... <a title="Supply Chain Risk Heat Map: How to Build and Maintain One" class="read-more" href="https://riskpublishing.com/supply-chain-risk-heat-map/" aria-label="Read more about Supply Chain Risk Heat Map: How to Build and Maintain One">Read more</a>

Chris EkaiJul 6, 202614 min read

Practitioner Toolkits & Templates

Ready-to-use frameworks, registers, and assessment tools built for risk management professionals. All guides include downloadable templates.