
SRM: The New Core Competency

Strategic risk management (SRM) has become an increasingly hot topic, with risk managers, C-suite execs and managers across all industries looking to continuously improve their risk management plan. After hearing so much buzz about SRM lately, I decided to attend a session on the topic at RIMS 2011.

Speaking on the issue were none other than the celebrated director of strategic and enterprise risk practice for RIMS, Carol Fox; the director of the center for strategies, execution and valuation for DePaul University, Dr. Mark Frigo; and Hans Laessoe, senior director of strategic risk management at LEGO Systems.

Starting off the presentation to a packed room, Fox reminded everyone of the RIMS/Advisen survey, which notes that, to survey participants, the primary value of SRM is:

  • 28% avoided and/or mitigated risk
  • 16% compliance with regulatory and legal requirements
  • 17% eliminated silos
  • 5% process consolidation
  • 24% increased certainty in meeting strategic and operational objectives

Fox noted that SRM was a discipline focused on the upside of risk. More specifically, RIMS defines SRM as a business discipline that drives deliberation and action regarding uncertainties and untapped opportunities that affect an organization’s strategy and strategy execution.

Closing her portion of the presentation, Fox questioned the way that most risk managers think. “Are we too focused on known risks or analyzing the past?” asked Fox. “There appears to be an unmet need for risk management to take a lead role in SRM.”

Following Fox, Laessoe began his speech by explaining LEGO’s theory on risk management, which is:

Prepare for uncertainty –> Active risk and opportunity planning (AROP) –> enterprise risk management –> Monte Carlo simulation

Monte Carlo simulation “has enhanced LEGO’s understanding of uncertainty,” according to Laessoe.

The company applies Monte Carlo simulation to achieve the following:

  1. Budget and estimate uncertainties to show earnings volatility and pinpoint key drivers based on input from business controllers.
  2. Simulation on the ERM risk portfolio to consolidate risk exposure and identify the 5% worst-case scenarios, which are the base of LEGO’s defined risk appetite.
  3. Simulation of credit risk portfolio as a “tool” to have a more frank discussion with insurance partners.

Frigo wrapped up the session with some inspiring words on the future of SRM. “SRM is the new core competency,” he said. “If ERM encompasses all areas of organizational exposure to risk, including strategic, why is SRM the NEW core competency? We believe SRM is a foundation for elevating the value of ERM, and for that matter, management in general.”

Amen!

Senior Executives Address RIMS 2011 Attendees

This morning, RIMS 2011 attendees were treated to a panel discussion and Q&A that has become an annual tradition at the conference. It featured a veritable “who’s who” of insurance executives. Hosted by three former RIMS presidents, the session was divided into two separate panels. The broker side featured Neal Aton, president and CEO of Wells Fargo Insurance Services; J. Patrick Gallagher, chairman, president and CEO of Arthur J. Gallagher; Alan Garner, president and CEO of Marsh Canada; and Stephen McGill, chairman and CEO at Aon Risk Solutions. The insurers were represented by John Doyle, president and CEO of Chartis U.S.; Michael Kerner, CEO global corporate, North America at Zurich; Seraina Maag, chief executive, North American P&C at XL Insurance; and Shivan Subramaniam, chairman and CEO of FM Global.

The discussion began with a presentation on the state of the commercial P&C market by David Bradford, executive vice president of Advisen. Bradford indicated that despite the first quarter’s massive catastrophe losses, the soft market would likely remain throughout 2011. The catastrophes simply haven’t yet absorbed enough capacity to affect a substantial market change. Of course, with hurricane season fast approaching, things could change very quickly if a major catastrophe were to hit the United States.

From there the discussion touched on a wide range of topics, including innovation, ethics, diversity, attracting young professionals, regulatory changes, commissions, M&A activity, the impact of social media, the importance of relationships, and the overall need for risk managers to be prepared for the unexpected.

RIMS 2011 Day One in Photos

Bagpipe players open the RIMS 2011 General Session.

RIMS President Scott B. Clark.

RIMS Executive Director Mary Roth.

Olympic speed skater Apolo Ohno.

Apolo Ohno book signing at the RIMS booth.

Board members of the Spencer Educational Foundation.

Spencer Educational Foundation cocktail reception.

The RIMS booth in the exhibit hall.

Sailing towards a new era of risk management.

RIMS Session Highlights Cyber Security Concerns

Cyber security has become an increasingly important topic not only for individuals but for companies as well. I guess that’s why the cyber security session at RIMS 2011 was one of the most popular of the day, with seats filled and attendees lining the walls.

“Cyber Security: Covering Your Assets” featured a panel of industry experts, including Mark Greisiger, president of NetDiligence; Robert Parisi, senior vice president of Marsh; Richard Billson of Zurich North America Commercial; and Victoria Telford, director of global insurance and risk management for Hanesbrands.

Billson called for more stringent cyber security actions, noting that “$3 trillion daily moves over network connections.”

Greisiger referenced a shocking 2010 forensics study from Verizon Security Consultants, which claims:

  • 70% resulted from external bad actors (hackers, malware)
  • 48% were caused by insiders, and a large part of this (90%) was deliberate
  • 61% of data breaches were discovered by third parties, NOT by the company itself
  • 96% of incidents were avoidable with simple controls

As for top perils, Greisiger noted the following:

  • Hacking (SQL injection)
  • Laptop loss
  • Backup tape loss
  • Staff mistakes (“probably 50% of the losses we see” according to Greisiger)
  • DDoS attacks (denial of service)
  • Business partner mishaps and breach

Why the problem of data breaches? Greisiger states:

  1. Most businesses collect more information than necessary, and that data is often stored for too long (California laws are trying to do away with retailers asking for zip codes; they do reverse identification and bombard customers with marketing)
  2. Websites are very porous and need constant care
  3. IDS (intrusion detection software) is very weak

Greisiger concluded with a strong message, stating that with data loss and cyber security threats, “it’s not if but when it happens. It may have already happened to your company.”

Scary thought indeed.