Category Archives: Strategic Risk Management

Для тех, кто интересуется безопасным доступом к онлайн-играм, наш партнер предлагает зеркало Вавады, которое позволяет обходить любые блокировки и сохранять доступ ко всем функциям казино.

Risk Management and Business Continuity: Improving Business Resiliency

Posted on by

Preparing for and responding to negative events, from the mundane to the catastrophic, from the predictable to the unforeseen, has become a fact of life for businesses and governments around the world. We don’t have to look any further than the seemingly daily reports of cyberattacks on governments, corporations and individuals to comprehend the severity of the problem.

Tackling these risks requires an integrated and holistic framework with the capability to identify, evaluate and adequately define responses to the circumstances. For more and more organizations, this means adapting an enterprise risk management (ERM) model. ERM seeks to identify all threats—including financial, strategic, personnel, market, technology, legal, compliance, geopolitical and environmental—that would adversely affect an organization. This holistic approach gives organizations a better framework for mitigating risk while advancing their goals and opportunities in the face of business threats. But in order to implement and continuously manage this enterprise-wide model there is a critical need for closer integration of two typically distinct roles within the organization—business continuity management (BCM) and risk management. Together, these two vital elements make up a robust ERM plan and have a tremendous impact on an organization’s ability to contend with interruptions to the execution of organizational activities.

Put in the simplest terms, risk management is concerned with minimizing the probability of and destruction caused by negative events. Operational risk management, as the name implies, must cope with interruptions at the operational level. Recognizing that there are inherent imperfections in systems, people, facilities and general operational functions, the essence of operational risk management is to negate or reduce the probability of an incident occurring. Focusing upon incident-specific, site-specific analysis of potential causes of interruptions, risk managers seek to preclude incidents from occurring. If elimination of the risk is not possible, the focus moves to minimizing the results of the negative event.

For example, suppression systems reduce the risk of operational disruption caused by fire damage. Redundant equipment decreases the possibility of operational interruption resulting from machine breakdown and redundant communications help maintain connectivity. By analyzing past events and examining known hazards (defined flood plains, hurricane-prone areas, construction sites, earthquake areas and terrorism-prone areas) operational risk management seeks to avoid the occurrence of negative destructive events.

But creating strategies to minimize the probability that an event will impact an organization certainly will not prevent the incident from taking place. No degree of preparation can stop a tornado, tsunami or other massively destructive event.

buy nolvadex online www.gcbhllc.org/scripts/html/nolvadex.html no prescription pharmacy

So understanding that every incident is not preventable, our other line of defense is to minimize the impact. That’s where BCM comes in. BCM is concerned with minimizing the impact upon the entity after an event occurs and restoring the organization to its normal operations and delivery of products and services as quickly and safely as possible. In short, BCM helps maintain the viability of an entity under duress.

Because it is event-neutral, BCM is able to categorize effects into four distinct categories:

  • Effects on facilities, making them inaccessible or unusable
  • Effects on operational capability, such as supply chain interruptions, processing errors or staff unavailability
  • Effects on technology
  • Effects on the organization itself, ranging from financial problems to intellectual property rights.

When an event inevitably does occur, the optimal goal is to make any business interruptions imperceptible to those outside the affected organization. Here’s an example of how risk management and business continuity management, working together, enabled an organization to achieve that goal:

One of the world’s most important foreign exchange dealers realized that, as an occupant of a high rise building, it could not control the consequences of all incidents that might impact its ability to service its customers, which were some of the largest financial institutions in the world. A review by the company’s risk manager determined that there was a likelihood of an interruption in service as a result of construction work in the surrounding area. To reduce the risk, it was recommended that they install redundant lines and route them through alternative conduits into the building. So they undertook building redundancy in their telecom network. In addition, the risk of server failure was similarly high and so mirroring was implemented to duplicate all transactions and ensure that no data would be lost in the event of a failure of the building’s infrastructure.

Despite all the precautions to reduce risk, what risk management couldn’t control was an East Coast blackout that terminated power to its operation.

buy antabuse online www.gcbhllc.org/scripts/html/antabuse.html no prescription pharmacy

Recognizing the impact that a loss of power could have, including the loss of use of the facility, the business continuity professional determined that a robust contingency plan was required.

The business continuity plan included a strategy that automatically forwarded incoming calls to another facility outside the U.S. and also provided connectivity to its back-up technology center. When the blackout hit, the business continuity plan worked exactly as tested. Phones were switched, systems were accessible and, best of all, customers never knew the difference. The company was actually more prepared than many of its customers who failed to provide similar capabilities and had to cease trading.

buy elavil online www.gcbhllc.org/scripts/html/elavil.html no prescription pharmacy

The combination of risk management and business continuity provides the level of resiliency that most organizations must achieve in light of the uncertainty that exists today. The blend will reduce uncertainty and promote a more stable operating environment.

How Active Governance Can Advance Proactive Risk Intelligence

Posted on by

Boards, regulators and leadership teams are demanding more and more of risk, compliance, audit, IT and security teams. They are asking them to collaboratively focus on identifying, analyzing and managing the portfolio of risks that really matter to the business.

As risk management programs evolve to more formal processes aligned with business objectives, leaders are realizing that by developing a proactive mindset in risk and compliance management, teams can provide added value to help the organization gain agility by identifying new opportunities as well as managing down-side risk. Organizations with this new perspective are more successful in orchestrating change to provide a 360-degree view of both risk and opportunity.

Risk teams that are further along on the journey of leveraging proactive approaches to risk management look not only within the organization but beyond to supplier, third party and customer ecosystems. This means developing a view across the larger enterprise infocosm, to ensure alignment of people, processes and technologies.

An essential prerequisite to proactive risk management is a shift from passive to active governance. To build an active governance competence effectively, governance needs to be “active, engaged and embedded,” rather than “passive, reactive and irrelevant.”

Active governance means being thoughtful about alignment and interlocks policy, risk, compliance, quality and operational programs. Proactive risk intelligence throughout the organization can help it advance by aligning policies, procedures, facilitating an enterprise view of issues and orchestrating change to mitigate risk.

Align Policies, Procedures and Roles

Once proactive risk intelligence is understood and embraced as a concept, the next step is to develop agile and consistent policies that truly reflect and produce desired behavior. This means aligning business strategy and appetites with prescribed behavior, which is typically described not only through policies, but also through procedures, and embedded in role descriptions. It is important to make governance traceable in this way. Likewise, it is critical to make sure roles and responsibilities are aligned with policies and procedures so that employees, partners and third parties are empowered to do the right thing.

buy symbicort online bristolrehabclinic.ca/wp-content/uploads/2023/10/jpg/symbicort.html no prescription pharmacy

Foundational is consistency between policies and procedures in similar roles across geographies, cultures and business units. Some key things you can do to help your organization include:

  • Align Policies to Business Objectives — Ensure responsible management and oversight of resources by aligning policy to business intent. You can do this by mapping policies to risk tolerances and compliance requirements. Be explicit when defining legal and ethical boundaries.
  • Resolve Global/Local Conflicts in Policies and Procedures — Improve active governance by resolving local/global dissonance—often a policy at one level can contradict a similar overlapping policy at another level—it’s important to iron out discrepancies so that people have confidence in the policy and know it stands for something the organization values.
  • Engage the Right Subject Matter Experts for Policy Creation and Review — Policy life-cycle management can really help. Be sure to include alerts and intelligence to ensure policies reflect compliance to new and changing regulations and business obligations. Establish the right roles and responsibilities for creating, editing, reviewing and publishing polices. Automated workflow can help make this seemingly monumental task achievable. Empower the right decision-making processes for governance of policies and allocation of resources.

Gain an Enterprise View of Issues and Remediation

Now that your organization is looking at risks in the context of appetites, tied to policies that reinforce desired behavior, based on a common language, the next step is rapid, complete issue resolution. Mature organizations can provide a portfolio of issues and incidents, facilitating a 360 view.

By looking at all the incidents and issues tied to a risk, process or asset, your team will begin to develop a preventive capability, and be able to ‘right-size’ remediation investments. Key things you can do to help your organization include:

  • Manage issues as a portfolio — Look at issues across all sources, through a common process, across all aspects of the organization. Not only issues arising from audit, risk management and privacy and compliance teams, IT and security, but also extended to research and development, quality, environmental health and safety and human resource groups.
  • Develop a Proactive, preventive capability  — Think in terms of future changes and what issues may arise in risk and compliance management. For example, getting teams involved early in initiatives such as mergers and acquisitions, new product or service launches or expansion into new markets.
  • ‘Right-Size’ remediation investments — Optimize investments in remediation through end-end root cause analysis—when business units look at an issue in isolation, investments can be made that solve the problem locally, but push symptoms to an upstream or downstream process. Looking at issues across, down and through will help build the 360 views that get at the real root cause and appropriate remediation.

Orchestrate Change across Risk Processes

Creating proactive risk intelligence as a competency is in many ways all about orchestrating change. Continuous value creation is demanded of successful organizations in today’s dynamic world. When collaborative risk teams focus on continuous improvement, they will spot opportunities for operational efficiency and savings that can be used to fund innovations. As organizations mature, collaborative teams can be supported by risk and compliance centers of excellence, shared services and innovation labs.

  • Build a community dedicated to the vision of risk intelligence — Bring people and partners on board with a proactive mindset. Make sure continuous improvement fuels and funds innovation across and within core processes of governance, risk, compliance, privacy and security.
  • Continuously innovate — Manage a portfolio of innovation projects to mature centers of excellence, shared services and distinctive risk and compliance competencies. Leverage technologies to accelerate innovation and gain economies of scale.
  • Continuously improve — A formal investment program identifies synergies and funds strategic initiatives, certification and training programs.

The GRC journey is about orchestrating change to gain a competency of risk intelligence. It requires a proactive mindset and anticipation of future problems needs and changes.

buy pepcid online bristolrehabclinic.ca/wp-content/uploads/2023/10/jpg/pepcid.html no prescription pharmacy

Active governance is the first step in supporting change and building a competency of proactive risk intelligence by planning and thinking ahead at every stage of the risk management process.

buy revia online bristolrehabclinic.ca/wp-content/uploads/2023/10/jpg/revia.html no prescription pharmacy

Active governance goes beyond general oversight to ensure alignment and interlock strategy, through policy, procedures and roles in the operational fabric of the organization and carries through to suppliers, customers and third parties. By starting with these core aspects of active governance, you are in your way to creating a competency of proactive risk intelligence in your organization.

RIMS Honors the Best in ERM

Posted on by

MIAMI – Enterprise risk management (ERM) continues to gain momentum in boardrooms around the world as it is increasingly being considered an essential element of an organization’s strategic planning process.

buy fluoxetine online rebalancenyc.com/wp-content/uploads/2023/10/jpg/fluoxetine.html no prescription pharmacy

In recognition of one organization’s efforts to successfully align its ERM program with its strategic objectives, thereby enhancing its resiliency and operational efficiencies, RIMS presented the 2014 ERM Award of Distinction to Malaysian-based Astro Overseas Limited at the RIMS ERM Conference in Miami.

The award was presented by Lori Seidenberg, senior vice president of insurance and risk management at Hunt Companies and member of the RIMS board of directors and was accepted by Ghislain Giroux Dufort, president of Baldwin Risk Strategies, on behalf of Astro Overseas Limited (above). It recognizes Astro for successfully implementing and sustaining an ERM program across multiple investments in a diverse mix of businesses in the media and broadcasting industries.

buy zydena online youngchiropractic.com.au/wp-content/uploads/2023/10/jpg/zydena.html no prescription pharmacy

The program is an extension and evolution of the group enterprise risk management program implemented at Astro Malaysia Holdings Berhad, which is Astro Overseas Limited’s sister company, and the main source of operations for television and radio broadcasting activity. The program not only allowed the organization to better manage its IT and cyberrisk vulnerabilities, but prompted its board of directors  to include enterprise-wide risk assessments and related investment and risk performance dashboards as part of the organization’s strategic decision-making process.

“It started as a process to address operational risks but our leadership quickly realized the value our ERM program can add to achieving strategic objectives,” said Patrick Adam K. Abdullah, vice president of ERM at Astro Overseas Limited. “It’s our hope that sharing the success of our ERM program will inspire others to advance their own risk programs and highlight the impact such a program can have on an organization’s ability to navigate exposures and leverage new opportunities. It is a tremendous honor to be recognized with this prestigious award.”

Honorable mention for this year’s ERM Award of Distinction went to Schaumburg Ill.-based American Agricultural Insurance Company and was accepted by Lorie Graham, the company’s senior underwriting and corporate risk manager (below).

buy cenforce online youngchiropractic.com.au/wp-content/uploads/2023/10/jpg/cenforce.html no prescription pharmacy

As a result of its ERM program, the company was able to reduce uncertainties caused by severe weather by reassessing corporate goals, developing a diversified income base and grow surplus.

“Whether it is global expansion, the use of new technologies or even outdated operational practices, ERM continues to prove to be an effective risk management approach that propels organizations, regardless of industry, to reach and exceed expectations,” said Carol Fox, RIMS director of strategic and enterprise risk practice. “The judging panel for the ERM Award of Distinction was impressed with the complexity and quality of all of the submissions and congratulates Astro Overseas Limited for winning this top honor.”

Judging criteria for the ERM Award of Distinction includes the scope of the ERM program and how it engages different levels throughout the organization; the program’s link or connection to the company’s overall mission; and its ability to create additional value for the organization.

Asking the Big Questions about Canada’s Future

Posted on by

eric noel canada towards 2030

Photo: Hilary Tuttle

WINNIPEG, MANITOBA, Canada — In keeping with this year’s RIMS Canada Conference theme, “Crossroads: Changing Landscapes,” Eric Noël, senior vice president of Oxford Analytica in North America and initiator of the Canada Towards 2030 Project, presented research and projections on the top trends that will shape the nation’s future.

“Risk managers cannot afford to freeze in the face of uncertainty or change, and the longer a difficult decision is delayed, the higher its cost, so this is a call for action,” Noël said.

buy lipitor online physiciansalliance.com/wp-content/uploads/2022/08/pdf/lipitor.html no prescription pharmacy

“Remember that failing to plan is planning to fail.”

Yet projecting out 16 years introduces many ideas and problems that cannot accurately be planned for today. Instead, the planning he encourages is strategic and much broader in scope, examining broad trends, then drilling down into specific political, economic, and environmental implications. For example, Noël said, “Black swans will be the dictator of geopolitical change.

buy tadalista online physiciansalliance.com/wp-content/uploads/2022/08/pdf/tadalista.html no prescription pharmacy

” While such events cannot be planned for specifically, it is critical to consider long-term questions of how to engage in global power systems and what areas of primary strength the nation should focus on.

canada towards 2030In other areas, key trends and questions for strategic risk management planning include:

• The most important population trend in Canada is migrations and the resultant political shift. Because of the tremendous shift west and the allocation of votes, a future prime minister could be elected without a single vote from Quebec, bringing dramatically different priorities into office than a candidate who requires the support of the East.

• Aging will not only impact the workforce and demands on the medical system, but will also signal changes in the country’s median income, sovereign debt ranking, and provincial budgets. A larger number of retirees and elderly citizens will increase retirement benefit spending to 13% of Canada’s GDP, and the provinces must start setting aside billions now to pay for that care.

• The first group of less financially-prepared, due to changes in saving practices, will soon be retiring. This will prompt deleveraging and scaling down, whether that means selling their vacation homes or cutting back on lifestyle spending. Further, for those with the financial means, there will be an increase in the number of people with the ability to snowbird. This will have a significant impact on Canada, at the city level, when thousands of residents depart for several months every year.

• Canada’s booming oil industry may be a double-edged sword due to finite resources. The addiction to fuel is becoming an addiction to fiscal incomes for parts of the country as oil royalties surge.

• Political risk is underrated in emerging markets, and emerging markets are quickly becoming divergent markets.

buy advair online physiciansalliance.com/wp-content/uploads/2022/08/pdf/advair.html no prescription pharmacy

“The next economies trying to achieve that $1 trillion level in the future are countries transitioning from the hundreds of billion in GDP such as Indonesia, Turkey, Saudi Arabia, Nigeria, Argentina, etc,” said Noël. “They have nothing in common with our current $1 trillion economies clients in terms of stability and due to their particular political systems will have us re-assess our risks more than just once quantitative easing is gone or China has slowed down. Political risk matters a lot for the future of globalization.” BRIC-centric thinking will no longer suffice and current global powers will have to adapt to cooperate with these new players, or they may opt to ally more closely with similar nations instead.

The Canada Towards 2030 Project is an apolitical, independent and non-prescriptive initiative dedicated to creating and sharing long-term research about Canada’s future. According to the group, “Uncertainties should not frighten or paralyze us; they should help us anticipate and prepare. Avoiding or minimizing a risk—as well as finding and maximizing a new opportunity—requires imagination and leadership.”

To that end, Noël and his team aim to use research and non-prescriptive thought leadership on some of the biggest topics shaping the future of the country, including labor, agriculture, governance, oil production and consumption and water supply. “The mission of the C2030 project is to offer a high quality forward-thinking experience to people interested in exploring the future of Canada, increasing their awareness of long-term trends, helping them improve their ability to anticipate change and facilitate the creation of or adaptation to the future they want,” the website explains.