Category Archives: Workplace

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

RIMS ERM 2018: Earning the ‘Mandate’ and a ‘Seat at the Table’

Posted on by

MONTREAL – More than 300 risk management professionals and students attended the 2018 RIMS ERM Conference on Monday and Tuesday in an effort to gain insight from, and network with, the industry’s enterprise risk management leaders. Wisdom, data, and motivation within the ERM space were on tap during all the sessions and workshops.

buy proscar online sinusys.com/email/img/jpg/proscar.html no prescription pharmacy

On October 29, Martin Vilsoe, partner of the Implement Consulting Group, opened the two-day event by highlighting the importance of ERM’s worldwide capabilities and how to operationalize the best ERM practices. Vilsoe said that risk managers need to “earn the mandate” to work with ERM, and focused on the idea that risks can equal opportunities.

He said that ultimately the risk manager’s job when implementing an ERM framework is to “enable brave decisions” and to maintain an organization’s best direction. With a visual aid of a freighter and individual boats in an ocean, he rhetorically asked: “Is your framework similar to a supertanker or 15-speed boats going in separate directions?”

He also spoke to the importance of risk management’s value to an organization without the sole reliance on analytics.

“Risk management’s purpose is to show value. If it is about value, then we better bring it,” he said. “We don’t always communicate that. There’s a big difference between calculating and measuring value versus communicating value. You can do it without having complete proof – you shouldn’t lie to people, but you should tell them you’re doing something great for the organization.

buy addyi online sinusys.com/email/img/jpg/addyi.html no prescription pharmacy

He encouraged the audience to consider their current roles as a consultant – and the importance of “winning customers” in this alternate role. This involves some sales prowess, he said, and the ability to tell a core story or narrative that describes what you do to engage with stakeholders. Build a core story around the ERM program and send different messages to different stakeholders around your core story.

“I don’t see enough of this in risk management programs because of the idea that it is ‘too big,’ or ‘I can’t communicate it,’” he said. “You can do it. We have to move past that mentality.

buy chloroquine online sinusys.com/email/img/jpg/chloroquine.html no prescription pharmacy

“The misconceptions is that risk management is about IT systems. And if you’re thinking as a risk consultant, be aware that putting stuff in systems will not help you manage your risks. Your ability to facilitate awareness, promote decisions and execute them, will.”

Day 2

Dovetailing on the idea that risks can become opportunities, October 30 opened with “Advancing Risk Management: Having A Seat At The Table,” presented by Laura Cisi, the Clorox Company’s vice president of global risk management, and Soraya Wright, founder and CEO of SMW Risk Management Consulting LLC.

In a fireside chat-style setting, the duo used Clorox – a 105-year-old company – as a case study to demonstrate the effectiveness of its ERM initiatives.

A 25-year veteran of the risk management industry, Cisi has been with Clorox for the past four years and said her ERM initiatives evolved from being viewed as the “insurance department” to a “strategic business partner,” with Wright’s collaboration with Cisi’s team to take the company on its ERM journey.

The duo said its ERM framework was built on routines, which provide “an outline that enabled us to use [it] to use as a tool,” for decision-making and assessing its critical risks as well, such as embracing a change in its formula during the manufacturing process.

“We decided to convert from chlorine to high-strength bleach,” Cisi said. “That risk bubbled up through our ERM committee and the actions that needed to be taken, and the methodology behind that came up through ERM.”

ERM was also a key influence when assessing the decision in 2014 to close Clorox Venezuela and cease operations in the country. “‘Should we be the first to exit?’” was the question on stakeholders’ minds for a long time before they discontinued operations, Cisi said. The company was required to sell more than two-thirds of its products at prices frozen by the Venezuelan government. As a result, Clorox Venezuela had been selling its products at a loss, causing ongoing operating losses despite attempts to reach a pragmatic solution with the country’s government. “Looking back, it was a good decision.”

Ultimately, the risk manager’s seat is one of many at a table occupied by executives, stakeholders and the C-suite. Cisi and Wright advocated not for being the loudest one there – but for bringing sound ideas and options. And perhaps coincidentally, Cisi and Wright’s approach seem to be putting Vilsoe’s mantras of engagement and alignment into practice.

“I think every day we get to demonstrate ERM, and not something we just do annually. For example, the ways we engage with product development and business development – we used to be thought of as compliance… and a department that said ‘no,’ Cisi said. “To shift that conversation to create more open engagements where you say ‘I’m your partner and it’s my job to identify these risks. Ultimately, it’s your business decision as to whether or not you go forward with them.”

It was then, she continued, that the risk management department was being consulted on the potential for new products by executives and other groups.

“That was when the conversation shifted from risks to opportunities,” Cisi said, adding, “and that was something they could relate to.”

RIMS members can access the live, uncut audio from “A Seat At The Table” via RIMScast.

An all-access RIMScast episode featuring conference speakers is available here.

Jacksonville Murders Force Reassessment of Active Shooter Risks

Posted on by

A mass shooting at a video game tournament in Jacksonville, Florida on Sunday has once again shined a spotlight on the growing risks businesses face even as they conduct normal operations.

A lone shooter, 24-year-old David Katz, opened fire on football video gamers at a pizza restaurant, killing two and injuring at least nine before turning the gun on himself in an adjacent restaurant. Reports indicate that Katz was allegedly upset at being eliminated from the tournament. One of the deceased victims was a player who defeated Katz in a prior tournament, leading investigators to believe there had been a motive for the shooting. 

The effect of mass shootings has left Florida numb, especially since this follows the Feb. 14 massacre at Marjory Stoneman Douglas High School in Parkland, which left 17 dead and 17 injured; and the Pulse Nightclub shooting in Orlando in 2016, leaving 49 dead and 53 injured. These tragedies demonstrate that no business or venue should consider itself inherently safe and serve as reminders to risk professionals in all sectors that their organizations could be vulnerable to a mass shooting.

Public Safety
The shooting was unique in that it occurred during a live broadcast of the football gaming tournament. Gunshots were clearly audible as players delivered commentary during their simulated contests, prompting them to take cover and call the police, who responded minutes after receiving the first call.  

The incident marked the 235th mass shooting in the U.S., according to the Gun Violence Archive, an organization that collects information about gun-related violence in the country. The FBI and the United States’ Congressional Research Service consider a mass shooting to be one that injures at least four people, excluding the shooter.

In light of this increasingly commonplace threat, understanding how to respond to an active shooter situation can mean the difference between life and death. The U.S. Department of Homeland Security has provided the Run.Hide.Fight plan for guidance in what to do in an active shooter scenario.

Mental Health
As more information about Katz emerges, the links between gun violence, mental health and public safety in the United States become more evident.

CNN reported that Katz had a history of mental health issues and legally purchased a 9mm handgun and a .45-caliber handgun in Maryland. How he transported the weapons and ammunition across state lines and into the event are details still being investigated.

CNN also obtained police records that show 26 calls to the police from the Katz family home in Columbia, Maryland, from 1993 to 2009, for issues ranging from “mental illness” to domestic disputes. At least two of those calls involved Katz arguing with his mother, although none of the reports provided to CNN indicate any physical violence.

Since 2013, residents in Maryland must obtain a handgun qualification license from the state police before purchasing a pistol or revolver. That means Katz would have submitted his fingerprints, undergone a background check (which includes disqualifying individuals who were voluntarily or involuntarily hospitalized for more than 30 days), and passed a firearms safety training course to buy those guns. This scenario has been met with wide skepticism. And since some of his documented mental health issues may have occurred before the gun laws were revised, the disqualifications may not have applied to Katz.

“That clearly is an area in need of reform,” said Democratic Sen. Robert Zirkin, who chairs a Senate committee that handles gun laws.

Insurance
Risk Management magazine recently reported that companies may not be aware of potential gaps in their coverage or that the limits of their coverage, when considering active shooter incidents, are insufficient.

“You might have property coverage, but you might not have assessed your properties in specific locations against this type of risk,” said Robert Hartwig, clinical associate professor of finance and co-director of the Risk and Uncertainty Management Center at the University of South Carolina’s Darla Moore School of Business.“You almost certainly would not have crisis management under your ordinary property or liability policy. So these represent gaps that, as a risk manager, you might be unaware of.”

Beyond property damage, it can be unclear what is covered after a shooting. For example it is difficult to establish the liability for allowing an assailant on a property. “Unfortunately, the increase in the number of active shooter situations has probably gotten ahead of the law on this issue,” Hartwig said. He added that a number of states do allow individuals to carry concealed weapons much, if not all, of the time. “So it’s not necessarily the case that, just by entering the premises with a weapon, individuals are violating the law. Therefore, a business is not necessarily negligent by allowing an armed individual to enter its premises.”  

Follow-Through Needed for Effective Safety Culture

Posted on by

The concept of a culture of safety can be stalled by employers that say they want to be safer, but do little to implement real change.

buy zetia online iddocs.net/images/photoalbum/gif/zetia.html no prescription pharmacy

For example, a company hoping to understand the causes of fatigue, but won’t adjust its schedules, can set itself up for injuries and hazards.

A new report, Making a Safety Culture Truly Cultural, published by KPA, a risk management consultancy found that:

  • 90% of employers want to understand root causes of employees’ fatigue,
    but only 55% say they will adjust schedules or tasks.
  • 51% assign a night shift to an employee immediately before or after a day shift.
  • 60% that know rest is important lack a designated area for employees to do so.

“You may think a workplace fatality is unlikely, but put it into perspective,” the report says. “The Centers for Disease Control and Prevention estimate that a fatal injury could cost nearly $1 million. And the National Safety Council estimates the cost at $1.4 million. Also, factor-in the indirect costs of lost productivity, employee replacement, insurance and attorneys, and the cost jumps to $3 million on average.”

The study offers tips for employers trying to embed safety into their organizational DNA. It also explores how employers who invest time, funds and effort into reshaping their culture can save millions in structural and legal damages.

buy suhagra online iddocs.net/images/photoalbum/gif/suhagra.html no prescription pharmacy

The report puts safety under a microscope to discuss:

  • Its current state in U.S. workplace
  • Where it needs to change
  • How to create a new culture
  • Return on investment
  • How behavioral changes can be key to preventing injuries

The report features case reviews where employers were both proactive and reactive in their efforts to make their workplaces safer. Some were in conjunction with a 2015 OSHA initiative and included adding hands-free tools, re-engineering control systems and installing metal guards to prevent contact with moving machinery.

These actions caused small habit changes that contributed to the larger goal of creating a culture of safety, the report says. Even changing a bad habit such as slow reporting into prompt reporting has proven to reduce future injuries. Addressing one safety issue at a time rather than several concurrently, KPA contends, is the most effective sequence for reshaping a culture.

Habit loops and how cues within those loops translate into the workplace were also explored.

buy bimatoprost online iddocs.net/images/photoalbum/gif/bimatoprost.html no prescription pharmacy

“It’s hard to change habits, but we can fiddle around with the components of the habit loop,” KPA says. “When behaviors become good habits—part of our routine and organizational DNA—that is a clear sign of developing a true safety culture.”

The report is currently available to RIMS members. To download the report, visit the RIMS Risk Knowledge library at www.RIMS.org/RiskKnowledge. All downloads of this publication will be shared with the sponsor, KPA.

To learn about other RIMS publications, educational opportunities, conferences and resources, visit www.RIMS.org.

Data Breach Risk: What’s Next?

Posted on by

Ten years ago, many companies didn’t even ask about using encryption to protect data. Over the years, that has changed. More security and privacy professionals began to see it as an option in their cybersecurity defense.

buy desyrel online medilaw.com/wp-content/uploads/2015/03/jpg/desyrel.html no prescription pharmacy

Then it eventually became a necessary component of most companies’ security strategies and the use of encrypted laptops became a condition precedent for many cyber and privacy insurance policies.

Now, after strengthening their cybersecurity with encryption and other measures, companies need to identify the next potential data exposure points where bad actors can likely turn their attention. One overlooked vulnerability is the visual display of sensitive data on screens.

Protect Visual Privacy
Not every risk management, security and IT professional is familiar with visual hacking, but they should be.

Visual hacking is the unauthorized capturing of sensitive, private or confidential information for unauthorized use. It can include visually stealing information from someone’s phone screen, viewing information left on a printer at work or other opportunities of information that is in plain sight. Very likely, it is already happening to workers in your organization.

It is commonplace for professionals who travel for work to access sensitive corporate material on the go. They could be riding on a train, plane or bus and simply open their laptops, giving those seated next to them full view of their work. In these situations, no one can be certain they are not exposing sensitive information—even something simple like a network username. It is not likely such a road warrior can be aware at all times whether another person is viewing or capturing what’s on their screen.

A study conducted by the Ponemon Institute revealed that 87% of mobile workers have caught someone looking over their shoulder at their laptop in a public space. Yet, despite this potential risk, more than half of mobile workers surveyed said they took no steps to protect important information while working in public.

Visual privacy risks don’t just exist outside the office. A worker who steps away from his or her computer or has a screen facing a public walkway can also expose highly sensitive data to onlookers.

Reduce Your Risk
As with any risk, companies should evaluate the severity and potential frequency of visual privacy exposures to better understand their risk. An insurance broker can help determine if insurance coverage is available for these risks or if insurance premium credits may be available for implementing additional safeguards.

There are other steps any organization can take to reduce the risk of visual hacking. Working with IT departments and information-security officers, companies can implement small, easy changes to existing policies and procedures.

For example, companies can deploy privacy filters on laptops or mobile devices that darken screen data when viewed by onlookers from the side. These filters can also be fitted on device screens in an office to help limit the views of potential insider threats. For example, a receptionist should likely have such a privacy screen in place if his or her screen can be viewed by visitors.

Clean-desk policies should also be in place. Such a policy can reduce the display of sensitive information in printed and electronic forms when workers are away from their desks.

buy champix online medilaw.com/wp-content/uploads/2015/03/jpg/champix.html no prescription pharmacy

Workers should also be printing or storing sensitive information in locked areas and use crosscut shredders to destroy sensitive material.

buy aricept online medilaw.com/wp-content/uploads/2015/03/jpg/aricept.html no prescription pharmacy

Finally, because visual privacy can only exist if workers adhere to policies, training is obviously important. Workers should be trained on the importance of visual privacy and being aware of their surroundings. They should also receive regular training on an organization’s privacy policies and associated safeguards.

Tackle Uncertainty with Certainty
Visual privacy may seem like an additional, unnecessary risk management burden to bear. But, like any other potential threat to sensitive data, it deserves attention. After all, a visual hack can leave no trace of when, where or how it happened—and such uncertainties may become problematic when addressing a data breach.