US Justice Department issues new guidance for white-collar crime prosecutors to use when assessing whether a company complied with its own risk management program. The new guidance is premised on the adequacy of the organizations risk assessment efforts, an approach well-known and particularly applicable to cybersecurity professionals. Cybersecurity is top of mind for compliance officers when it comes to compliance, cybersecurity expert Carrie Penman says. DOJ guidance is geared to helping prosecutors bring criminal charges against corporations and their officers, but it is frequently used as a blueprint outside the Justice Department’s purview.”]