The State of Enterprise Risk Management 2016
|
|
- Barrie Lane
- 5 years ago
- Views:
Transcription
1 S URVEY The State of Enterprise Risk Management 2016 Photo by cassis Fotolia.com By Stephanie Balaouras
2 Forrester Research and Disaster Recovery Journal have partnered to field a number of market studies in business continuity (BC), disaster recovery (DR), and overall enterprise risk management (ERM) in order to gather data for company comparison and benchmarking, to guide research, and for the publication of best practices and recommendations for the industry. This is the ninth annual joint survey. This particular study focuses on the state of ERM. Specifically, we designed this study to determine: n ERM roles, responsibilities, and reporting structure. n The relationship of business continuity to ERM. n Crisis response including business continuity crises and other brand and reputational crises. n The solutions firms invest in to facilitate ERM. More and More Firms Have Formal Enterprise Risk Management Programs According to our study, 40 percent of firms have a formal enterprise risk management program while another 27 percent say they have a single director or head of risk for select areas but not necessarily a broad enterprise program (see Figure 1). It s clear that more and more firms are making the effort to unite isolated areas of risk management in order to more objectively identify, assess, mitigate, and respond to risks to organizational goals. Heads of Risk Management are Reporting Higher into the Organization Together with more formalized programs, we see the increasing presence of a chief risk officer (CRO), which has not always been common. CROs first started appearing after Basel I was established in the late 80s/early 90s. They were responsible for credit and liquidity risk to make sure financial services firms kept enough capital on hand in the case of major market fluctuations. They then became even more common and prominent as firms had to deal with compliance to Sarbanes-Oxley in 2004 to In this survey, we found that: DISASTER RECOVERY JOURNAL WINTER
3 n Thirty-four percent of firms have a CRO. In addition, another 17 percent of firms say they have a single head of business or operational risk. Both trends support the convergence of multiple risk management domains under a single leader (see Figure 2-1). n The head of risk is most likely to report into the office of the CEO. Thirty-two percent report their head of risk reports into the office of the CEO (see Figure 2-2). Where the head of risk management reports dictates the focus of your firm s risk management initiatives. If your head of risk management reports into legal or compliance, the focus of your efforts is obviously on reducing risk from these areas at the lowest possible cost, it s not using ERM as a means to maximize business performance. As more heads of risk management continue to report into senior business leaders, the focus of the program becomes more expansive. n The head of risk reports directly into a C-level executive. It s not only important where you head of risk management reports but how high into the organization. Too far removed from a C-level executive and your head of risk won t have enough influence to affect changes in strategy, operations, and risk mitigation efforts across the firm. He or she will also struggle to garner business participation in risks assessments, response plan development, and response plan simulations. Our survey revealed good news: 78 percent of the heads of risk management report directly into a C-level executive. ERM Responsibilities Are Increasing As firms continue to seek formalize their ERM efforts, they are both unifying and taking on responsibility for additional areas of risk management. According to our study: n Seventy-five percent are fully or mostly responsible for operational risk. Other areas of notable responsibility include regulatory and compliance risk (71 percent) and information security and privacy risk (68 percent) (see Figure 3-1). Most organizations still have dedicated teams for these areas, but the data demonstrates demand to ensure that there is an objective understanding of these risk areas impact organizational goals and objectives, plus, how they affect the organization s risk posture. It s also a reflection that every group has a role to play in responding to these risks. For example, if your firm suffers a data breach, your security incident response team will be responsible for the immediate containment, eradication, and recovery from the attack, but enterprise-wide coordination and crisis communication is best handled by the BC team. 3 DISASTER RECOVERY JOURNAL WINTER 2016
4 n Within operational risk, responsibilities focus on minimizing business disruption. Within operational risk, we see most ERM responsibilities focused on traditional BC crisis events such as business disruptions and workplace safety. Once again, there is an emphasis on legal and compliance risk (see Figure 3-2). ERM and BC Teams are Working More Closely Together Historically, BC teams have coordinated with counterparts in risk management but haven t necessarily taken the extra step to begin collaborating closely on core planning processes such as business impact analysis and risk assessments; this is starting to change. Our survey also found that: n Thirty-seven percent of ERM teams say they report directly into ERM. An additional 29 percent say they work closely with risk management to share information (see Figure 4-1). This trend is reinforce from data from our 2014 State of Business Continuity. In that survey, 16 percent of respondents said the CRO was the executive-level BC sponsor; this is a significant increase from 2011 when it was only 9 percent. We expect this trend to continue and for the CRO to eventually become the dominant executive-level sponsor for BC. n ERM teams are involved in the entire BC planning lifecycle. We also see a degree of involvement between risk management professionals and dedicated BC professionals. (See Figure 4-2). In fact, as firms continue to consolidate operational risk domains under a single umbrella and make less and less of distinction between the category of risk to the business and how to identity and prepare for it, we ll see a unified approach to planning from BIAs and risk assessments to plan development and testing. Documented Response Plans Frequently Focus On Data Integrity BC pros often have three or four generic plans that address loss of employees, loss of physical facilities, and loss of technology/it. These impact-based plans assume a critical resource is unavailable and the firm must invoke a given BCP to address it. They are useful because you can t anticipate every possible risk scenario, and this way you at least have a basic plan in place. These are helpful for risk scenarios such as extreme weather or IT outages but they aren t detailed enough to address other types of crises so the firm has to develop scenario-based plans. In our study: DISASTER RECOVERY JOURNAL WINTER
5 n Most have plans for data tampering, workplace violence, employee misconduct, and privacy breach. Data tampering is a broad category that could include firms deliberately tampering with the results of their own internal test for a given product or service, but it could also include malicious insiders or external actors stealing or manipulating data for individual gain. Privacy breaches typically focus on security breaches of customers personal information which require formal breach notification in most regions of the world or it could also involve the inappropriate use or transfer of personal information (see Figure 5-1). n Plan exercises occur annually for most risk scenarios but most frequently for data integrity. When it comes to data tampering and privacy breaches, firms are more likely to test these more frequently than other plan types, 27 percent and 20 percent say they test these plans more than once per year (see Figure 5-2). They also have the lowest percentage of respondents who say they never test these plans. n Business involvement in simulations remains unacceptably low. Perhaps one of the more disheartening statistics in our study, it turns out that only about one-third of CEOs and representatives bother to participate in plan simulations (see Figure 5-3). This is unfortunate because the CEO sets the tone for the organization and when it comes to customerfacing or highly public breaches, they ll be under tremendous scrutiny. A Majority Have Invoked a Response Plan During the Last Five Years Individuals not involved in enterprise risk management often view risk mitigation efforts and response plans as expensive insurance policies their firms will rarely, or ever, use. However, as is often the case, conventional wisdom is wrong. According to our study, 58 percent of respondents have invoked a response plan at least once during the last five years. According to our study: n Data tampering, employee misconduct, and political or social unrest caused the most frequent invocations. Security pros often remark there are two types of companies: those that have been breached, and those that don t know yet. It s an apt saying when you consider that 56 percent of firms have had to invoke a plan for data tampering and 38 percent have invoked a plan for a customer privacy breach (see Figure 6-1). Interestingly, 40 percent of firms have had to invoke a plan to deal with political or social unrest. However, this is often the type of plan firms fail to document ahead of time, which means most fall back on generic impactbased plans. n Customer privacy breaches cause the most significant impact to the organization. Just how much impact? Well consider that in its most recent 10Q filing, Home Depot attributed $232 million in pretax gross expenses attributed to its September 2014 customer 5 DISASTER RECOVERY JOURNAL WINTER 2016
6 data breach. Breach costs include the cost of the forensic investigation, breach remediation, customer breach notification, and services such as credit monitoring, legal fees etc. However, the costs don t stop there. Home Depot s costs could continue to rise due to impending lawsuits and future counterfeit fraud claims from card networks. n Six months after the crisis, employee morale and corporate strategy still suffered. In addition to the direct costs attributed to the immediate response to the crises, the firm will feel the impact for some time. According to our study, six months later after a crisis, respondents report the cost of dealing with the crises forced them to re-prioritize other strategic investments and that it was still having an effect on employee morale (see Figure 6-2). It s a cycle that can feed itself. Employees are likely demoralized from dealing with the aftermath of the crises or repeatedly seeing the firm s name in the news. Having to delay or forego strategic investments further feeds this demoralization. Technology Focuses On Communication and Core Planning Unfortunately in risk management, there is no single solution that provides all of the capabilities you need for: 1) the upfront planning (business impact analysis and risk assessment); 2) the plan development (document, maintain, and test plans); and 3) the incident or crisis response itself (real-time collaboration, communication, and decision-making based on internal and external information). Even with these areas, there are tools that specialize in delivering specific functionality, for example, automated communication solutions that provide reliable mass and two way, communication or geospatial risk mapping and visualization tool that overlay multiple data feeds (e.g., social media, weather data, surveillance cameras, access points, etc.) onto the maps to add risk context during incident/crisis response. In our survey: n New investment is going to automated communication and BC planning software. Firms tend to invest in automated communication services because the scale, reliability, and other functionality of these solutions is almost impossible to duplicate with internal tools. Communication is also one of the areas that firms struggle with during an incident/crisis. For some time, investment in BC planning software had plateaued because there wasn t much innovation in the software. Most vendors focused on delivering the core planning capabilities but lacked real-time incident/crisis management functionality. Planning still remains the core value proposition but many vendors have begun expanding focus to DISASTER RECOVERY JOURNAL WINTER
7 include vendor risk management and improve their incident/crisis response. According to our study, 32 percent of respondents plan to implement new deployments or expand existing deployments of their automated communication and 32 percent plan similar investments for BC planning software (see Figure 7) n Most risk management pros haven t made up their minds. Perhaps just as notable as what respondents say they plan to invest in is the fact that so many of them still haven t made up their minds if they would deploy a given solution, or even understand what functionality the solution provides. For example, 15 percent of respondents replied don t know on the question of GRC platform investment or investing to secure a risk intelligence provider. Study Methodology In the Fall of 2015, Forrester Research and Disaster Recovery Journal (DRJ) conducted an online survey of 188 DRJ members and Forrester clients. In this survey: n All respondents indicated they were decisionmakers, influencers, or contributors to their firm s risk management activities. n Respondents were from a range of company sizes: 40 percent had 1 to 999 employees; 23 percent had 1,000 to 4,999 employees; 13 percent had 5,000 to 19,999 employees; and 25 percent had 20,000 or more employees. n Respondents were from companies with a range of revenues: 46 percent of respondents were from companies with revenues of less than $500 million; 12 percent were from companies with revenues of $500 million to $999 million; 21 percent were from companies with revenues of $1 billion to $4.99 billion; 4 percent were from companies with revenues of $5 billion to $10 billion; and 18 percent were from companies with revenues of more than $10 billion. n Respondents were from a variety of industries. n Respondents were primarily from North America but there was representation from Europe, the Middle East, Africa, and Asia. Many companies had business operations in multiple regions: 84 percent of respondents had locations in North America; 11 percent had locations in Europe, Middle East, or Africa; 4 percent had locations in Asia; and 1 percent had locations in South America. This survey used a self-selected group of respondents (DRJ members and Forrester clients) and is therefore not random. These respondents are more sophisticated than the average. They read and participate in business continuity and disaster recovery publications, online discussions, etc. They have aboveaverage knowledge of best practices and technology in BC/DR and enterprise risk management. While nonrandom, the survey is still a valuable tool in understanding where advanced users are today and where the industry is headed. v Stephanie Balarous is a vice president and research director of security and risk management for Forrester Research. Balarous leads a team of analysts at Forrester who provide research and advisory services. 7 DISASTER RECOVERY JOURNAL WINTER 2016
2008 BUSINESS RESILIENCY SURVEY RESULTS:
ijet/wp0010-06 2008 BUSINESS RESILIENCY SURVEY RESULTS: An Insider's Look at the Current State of Risk Management, Continuity and Resiliency in Multinational Organizations July 2008 ABOUT THE RESEARCH
More informationRC & CRISIS MANAGEMENT. risk compliance RISK & COMPLIANCE MAGAZINE. risk & compliance REPRINTED FROM: JUL-SEP 2015 ISSUE
R E P R I N T RC & risk compliance & CRISIS MANAGEMENT REPRINTED FROM: RISK & COMPLIANCE MAGAZINE JUL-SEP 2015 ISSUE RC & risk & compliance Visit the website to request a free copy of the full e-magazine
More informationIntelligence Report. Enterprise IT and Services NICE Systems Pushes the Envelope with a Real-Time Customer Engagement Platform
Enterprise IT and Services NICE Systems Pushes the Envelope with a Real-Time Customer Engagement Platform Europe +33 (0) 1 41 14 83 15. Or visit our Web site: www.currentanalysis.com 1 Enterprise IT and
More informationWIC 104 RISK MANAGEMENT AND BUSINESS CONTINUITY PLANNING FOR LOCAL WIC AGENCIES. Peg Jackson, DPA, CPCU National WIC Association
WIC 104 RISK MANAGEMENT AND BUSINESS CONTINUITY PLANNING FOR LOCAL WIC AGENCIES Peg Jackson, DPA, CPCU National WIC Association Learning Agenda Week 1 Risk Management and its role in WIC offices What is
More informationThe Guide to GRC Frameworks and Implementation
E-Guide The Guide to GRC Frameworks and Implementation As organizations put into action a plan for GRC it s important to consider the 3 individual components and how they create a system of reinforced
More informationSusan Schmidt Bies: Corporate governance and community banks
Susan Schmidt Bies: Corporate governance and community banks Remarks by Ms Susan Schmidt Bies, Member of the Board of Governors of the US Federal Reserve System, before the Annual Convention of the Arkansas
More informationDiversity and Inclusion. Executive Summary
Diversity and Inclusion Executive Summary In an effort to explore the adoption and impact of diversity and inclusion initiatives within IT departments, TEKsystems surveyed more than 250 IT leaders (i.e.,
More informationHow to disasterproof critical. business data. 5 steps for keeping systems online and accessible in any scenario.
How to disasterproof critical business data 5 steps for keeping systems online and accessible in any scenario. The growth of DRaaS The tremendous growth of software as a service (SaaS) continues, while
More informationEffectively Communicating Enterprise-Wide Business Continuity to Senior Management and Stakeholders. October 7, 2014
Effectively Communicating Enterprise-Wide Business Continuity to Senior Management and Stakeholders October 7, 2014 Agenda Background Program Elements What Makes it Enterprise-wide Recommended Strategies
More information2017 Healthcare Compliance Benchmark Study
2017 Healthcare Compliance Benchmark Study Executive Summary and Results EXECUTIVE SUMMARY This report represents SAI Global s eighth annual survey gathering insights from compliance professionals in the
More informationDefining Risk Management within an Organization: Results of the 2012 Survey for Japanese Risk Managers
Defining Risk Management within an Organization: Results of the 2012 Survey for Japanese Risk Managers Kenji Fujii 1 and Yuji Morimoto 2 Abstract Tokyo Risk Managers Association (TRMA), a voluntary group
More informationHow to apply the 10 BCP best practices to Treasury
How to apply the 10 BCP best practices to Treasury Jill Piligra, Vice President Treasury Management Sales Consultant Seth Marlowe, Vice President Solutions Sales Consultant AFPWNY Lunch Meeting April 17,
More informationHIMSS RCM Survey. Understanding Health Systems Revenue Cycle Management and Challenges
HIMSS RCM Survey Understanding Health Systems Revenue Cycle Management and Challenges As healthcare delivery continues to evolve, hospitals are struggling to make the most of their revenues. The shift
More informationThe Accenture 2011 High Performance Finance Study. Redefining High Performance in the Insurance Finance Function
The Accenture 2011 High Performance Finance Study Redefining High Performance in the Insurance Finance Function Contents Introduction Introduction 03 Delivering greater value to the enterprise 09 Dealing
More informationCitizens Property Insurance Corporation Business Continuity Framework
Citizens Property Insurance Corporation Framework Dated September 2015 Approvals: Risk Committee: September 17, 2015 (via email) Adopted by the Audit Committee: Page 1 of 12 Table of Contents 1 INTRODUCTION...
More information2012 Financial Risk Management Survey Results Report
2012 Financial Risk Management Survey Results Report October 2, 2012 Kenji Fujii and Yuji Morimoto Tokyo Risk Managers Association ( TRMA ) When using these materials, please keep the following points
More informationDRJ Spring World 2009
DRJ Spring World 2009 Continuously Drive, Recognize, Exploit, and Create value from your BC/DR program with an Recovery Lifecycle Management approach Recovery Lifecycle Management Rick Galietta / David
More informationRA Survey Appendix 1. All questions and answers and Additional insights. TM Forum Revenue Assurance Team TM Forum 1 V2015.4
RA Survey Appendix All questions and answers and Additional insights TM Forum Revenue Assurance Team 06 TM Forum All questions and answers 6 7 8 Respondent Profiles Page RA Organizations and Maturity Page
More informationWHITE PAPER----Dollar Days Website Author: Chuck Vance, President, MaskMail.com
WHITE PAPER----Dollar Days Website Author: Chuck Vance, President, MaskMail.com HAVE YOU EVER SAID, I WISH THAT SOMEONE WOULD HAVE SAID SOMETHING EARLIER, WE COULD HAVE SAVED A LOT OF MONEY? DO YOU KNOW
More informationManaged Services and the Bottom Line
Sentia Solutions Inc. 1550 16th Avenue Building C North Richmond Hill, ON L4B 3K9 Canada A Sentia Solutions White Paper Managed Services and the Bottom Line The Dollars and Sense of Outsourced IT Services
More informationMy name is Sam Mulholland and I am the Managing Director of Standby Consulting.
Cyber Security Forum Presentation C.B (Sam) Mulholland Good Afternoon My name is Sam Mulholland and I am the Managing Director of Standby Consulting. Just a little bit about myself. I have worked in IT
More informationBUSINESS INTELLIGENCE MATURITY AND THE QUEST FOR BETTER PERFORMANCE
WHITE PAPER BUSINESS INTELLIGENCE MATURITY AND THE QUEST FOR BETTER PERFORMANCE Why most organizations aren t realizing the full potential of BI and what successful organizations do differently Research
More informationThe board s role in confronting crisis
The board s role in confronting crisis A corporate crisis in today s world accelerates more quickly with a larger impact than ever before. The 24-hour news cycle and prevalence of social media contribute
More informationAgenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview
More informationEnterprise Risk Management: Materials [date]
SLS SAMPLE DOCUMENT 07/09/17 [client logo] Enterprise Risk Management: Materials [date] Note: This document does not reflect or constitute legal advice. This is a sample made available by the Organizations
More informationCHAPTER 15: ENTERPRISE RISK MANAGEMENT - SUPPLEMENTAL MATERIAL
CHAPTER 15: ENTERPRISE RISK MANAGEMENT - SUPPLEMENTAL MATERIAL Robert N. Charette From the book The Next Wave of Technologies: Opportunities in Chaos by Phil Simon ERM Frameworks Competition for Hearts
More informationFraud and corruption When an investigation is also a crisis. Andrew Macintosh Associate Director
Fraud and corruption When an investigation is also a crisis Andrew Macintosh Associate Director Agenda 1. The context: When is an investigation a crisis? 2. What is a crisis-led approach to investigations?
More informationStrategic Program Management in a Disruptive World
AN EXL WHITE PAPER Strategic Program Management in a Disruptive World Written by: Rohan Regis Vice President lookdeeper@exlservice.com Transformation is now taking place across the entire value chain of
More informationEnabling a Comprehensive Platform for BCMP that integrates People, Process and Technology
Enabling a Comprehensive Platform for BCMP that integrates People, Process and Technology TM Overview Perpetuuiti provides an intelligent, end-to-end automated approach towards Business Continuity Planning
More informationContinuity of Operations Planning (COOP)
Continuity of Operations Planning (COOP) Business Continuity and Disaster Recovery State of Delaware 2008 NASCIO Nomination Page: 1 CONTINUITY OF OPERATIONS PLANNING EXECUTIVE SUMMARY Business Continuity
More informationThe Six Stages of a Crisis. Stage Five: Resolution
The Six Stages of a Crisis Stage Five: Resolution The Six Stages of a Crisis Stage Five: Resolution Executive Summary Two-way communication is critical throughout each stage of a crisis. During the resolution
More informationThe Strategy Confidence Gap: Results From Our Survey on Strategic Readiness and Disruptive Change
STRATEGIC READINESS SURVEY Winter 2014 The Strategy Confidence Gap: Results From Our Survey on Strategic Readiness and Disruptive Change Executive Summary Disruptive change is accelerating, driven by the
More informationIBM Intelligent Operations Center for Smarter Cities
IBM Industry Solutions IBM Intelligent Operations Center for Smarter Cities Coordinate city agencies and resources to deliver exceptional service to citizens Highlights Leverage information across all
More informationLeading financial institutions are transforming the way they manage IT risk
IBM Global Technology Services Thought Leadership White Paper July 2013 Leading financial institutions are transforming the way they manage IT risk Resiliency, security and agility are all being reconsidered
More information2017 North American Converged Surveillance Systems Product Leadership Award
2017 North American Converged Surveillance Systems Product Leadership Award Contents Background and Company Performance... 3 Industry Challenges... 3 Product Family Attributes and Business Impact of Vidsys...
More informationThe Next Frontier for Internal Controls Beyond SOX 404 Keynote Luncheon Presentation
THE CONFERENCE BOARD OF CANADA S WESTERN CORPORATE GOVERNANCE FORUM 2005 Shaping Governance Controls to Fit Your Organization Calgary, Canada The Next Frontier for Internal Controls Beyond SOX 404 Keynote
More informationCorporate Risk Management Services. Pinkerton is a leading provider of risk management services and solutions for organizations around the globe.
Corporate Risk Management Pinkerton is a leading provider of risk management services and solutions for organizations around the globe. New threats arise every day. Is your business fully protected? Manage
More informationTable of Contents. 2 Introduction: Planning an Audit? Start Here. 4 Starting From Scratch. 6 COSO s 2013 Internal Control Integrated Framework
Table of Contents 2 Introduction: Planning an Audit? Start Here 4 Starting From Scratch 6 COSO s 2013 Internal Control Integrated Framework 8 Preparing for a Planning Meeting 10 Preparing the Audit Program
More information2016 Guest Satisfaction Management Barometer
2016 Guest Satisfaction Management Barometer Report Managing Guest Satisfaction Surveys: Best Practices Contents Introduction The Importance of Guest Intelligence Key Findings Methodology Detailed Results
More informationBusiness Continuity Planning. LGMA Conference October 27, 2011 Presented by Lisa Benini
Business Continuity Planning LGMA Conference October 27, 2011 Presented by Lisa Benini What is it? Business Continuity Planning Definition: Process of developing and documenting advance arrangements and
More informationThomson Reuters: Anti-Money Laundering Survey Insights
Thomson Reuters: Anti-Money Laundering Survey Insights 2 Introduction With rising regulatory pressure, increasing cost of compliance and disruptive technologies entering Know Your Customer (KYC) and Anti-Money
More informationMaximizing personalization. How to improve data insight for better consumer connections
Maximizing personalization How to improve data insight for better consumer connections An Experian Data Quality White Paper July 2014 Introduction...1 Key findings...2 CONTENTS Prevalence of personalization...2
More informationEnsuring Organizational & Enterprise Resiliency with Third Parties
Ensuring Organizational & Enterprise Resiliency with Third Parties Geno Pandolfi Tuesday, May 17, 2016 Room 7&8 (1:30-2:15 PM) Session Review Objectives Approaches to Third Party Risk Management Core Concepts
More informationManaging reputation risk. Laura Toni, Deloitte Romania November 28, 2014
Managing reputation risk Laura Toni, Deloitte Romania November 28, 2014 Executive summary What is your company s reputation worth? According to a study by the World Economic Forum performed in 2012, on
More informationHow Your Business Survival Depends On Disaster Recovery.
How Your Business Survival Depends On Disaster Recovery www.itgct.com 1 Business continuity and disaster recovery, known as BCDR or BC/DR, are essential for ensuring the survival of your business in the
More informationElevate your DR Program from the Backroom to the Boardroom
Elevate your DR Program from the Backroom to the Boardroom David Halford Managing Consultant Enterprise Risk Management, BCDR Forsythe Solutions Group 1 2 3 4 5 6 7 Elevate your DR Program Discussion Topics
More informationClaus von Riegen. Innovating at SAP the Delicate Balance between Incremental and Radical Innovation. An interview with
An interview with Claus von Riegen Vice President and Head of Business Model Innovation (BMI) at SAP Innovating at SAP the Delicate Balance between Incremental and Radical Innovation Transform to the power
More information5 Tips for Improving Collaboration
5 Tips for Improving Collaboration Introduction 2 As a business leader, you re constantly anticipating and responding to the evolving needs of your employees. Because of that, you may be under pressure
More informationDetecting and responding to fraud: making the intelligent connection Fraud Investigation & Dispute Services
Investigations Detecting and responding to fraud: making the intelligent connection Fraud Investigation & Dispute Services We make the connection between knowledge and insight Our dedicated global team
More informationBusiness Risk Intelligence
Business Risk Intelligence Bringing business focus to information risk It s a challenge maintaining a strong security and risk posture. CISOs need to constantly assess new threats that are complex and
More informationBusiness Continuity Framework
Business Continuity Framework A definition to the Components of Resiliency March, 1 Business Continuity Framework 1. INTRODUCTION... 3 2. PURPOSE... 3 3. THE FRAMEWORK... 4 4. STEERING COMMITTEE... 5 5.
More information5 Steps to Implementing Business Continuity Services. By David Davis, vexpert. Brought to you by Symantec Keeping Your Applications Running
5 Steps to Implementing Business Continuity Services By David Davis, vexpert Brought to you by Symantec Keeping Your Applications Running Your company s customers and end users (and even executives) have
More informationThe Superstar CFO. Optimizing an increasingly complex role. A research brief prepared in collaboration with SAP
The Superstar CFO Optimizing an increasingly complex role A research brief prepared in collaboration with SAP The Superstar CFO Optimizing an increasingly complex role A research brief prepared in collaboration
More informationBusiness Continuity 101. Fairchild Resiliency Systems
Business Continuity 101 Fairchild Resiliency Systems Business Continuity Business Continuity (BC) is defined as the capability of the organization to continue delivery of products or services at acceptable
More informationAchieving Business Resilience in HEALTHCARE
Case Study: Cerner 888.316.6747 resolver.com Achieving Business Resilience in HEALTHCARE With its software and IT services licensed to over 18,000+ healthcare facilities in the US, Cerner is the leading
More informationEnhancing Utility Outage Management System (OMS) Performance
Enhancing Utility Outage Management System (OMS) Performance by John Dirkman, P.E. Executive summary Traditional grid outage management systems suffer from two fundamental flaws: they lack an accurate,
More informationSAP BW Consulting, Inc s. Value Creation Proposition
www.sapbwconsulting.com SAP BW Consulting, Inc s Value Creation Proposition E-Mail: Lonnie.Ayers@SAPBWConsulting.com We Don t Try to Fit a Square Peg in a Round hole 2 TABLE OF CONTENTS Client Value Creation
More informationINSIDE. 2 Introduction 12 Conclusion 4 6. How Prepared Are Corporate Law Departments?
INSIDE 1 A Message From Morrison & Foerster s Global Risk & Crisis Management Chair 7 How Prepared Are Corporate Law Departments? 2 Introduction 12 Conclusion 4 6 Risk and Crisis Management: An Emerging
More informationCrisis Management Who s In Charge?
Crisis Management Who s In Charge? Presented by: Cynthia Simeone, CBCP, PMP Satori Consulting Judith Walker, PMP Goldman Sachs Crisis Management What is Crisis Management? Crisis Management involves identifying
More informationWhy Hiring the Right CISO is so Hard And What You Can Do About It
Why Hiring the Right CISO is so Hard And What You Can Do About It AUTHORS: ERIK MATSON Managing Director, Global Head of Insurance & Cybersercurity JOHN BUDRISS Executive Director, Technology, Data Science
More informationTrust Your Suppliers, Manage Your Risk The Importance of Third-Party Supplier Visibility About Perfect Commerce
Trust Your Suppliers, Manage Your Risk The Importance of Third-Party Supplier Visibility About Perfect Commerce Since 1994, Perfect Commerce has been automating spend management initiatives offering world-class
More informationDelivering Service Transformation for Banking
WHITE PAPER Delivering Service Transformation for Banking Making the most of your service provider partnership Contents 2 Strategic objectives and goals 2 Scope definition 3 Viable business case 3 Due
More informationOptimizing WAN for Application Acceleration
ANALYST REPORT Optimizing WAN for Application Acceleration October 2007 Page 2 Executive Summary Aberdeen Group surveyed 235 organizations in October 2007 to identify challenges and best practices around
More informationISACA S IT Audit, Information Security & Risk Insights Africa 2014 MAY, 2014
ISACA S IT Audit, Information Security & Risk Insights Africa 2014 MAY, 2014 MANAGING IT RISKS IN THE BANKING INDUSTRY Emmanuel Ofori Boateng, Dep. Head, IT, Ecobank Ghana OVERVIEW - HISTORY OF RISK MANAGEMENT
More informationConcept of Operations. Disaster Cycle Services Program Essentials DCS WC OPS PE
Concept of Operations Disaster Cycle Services Program Essentials DCS WC OPS PE October 2014 Change Log Date Page(s) Section Change Owner: Disaster Cycle Services 2 Change Log... 2 Introduction... 4 Purpose...
More informationThe Business Case for Automated Robustness Testing. Measuring return on investment for industrial control system manufacturers
The Business Case for Automated Robustness Testing Measuring return on investment for industrial control system manufacturers Introduction In the race to offer more features at a faster pace, industrial
More informationAuditing the Corporate Business Continuity and Disaster Recover Plan
Auditing the Corporate Business Continuity and Disaster Recover Plan IIA 16 th Annual Conference Transforming Internal Audit to Drive Value Sarova Whitesands, Mombasa June 2018 International ), a Swiss
More informationBullish on digital: McKinsey Global Survey results
AUGUST 013 Jean-François Martin b u s i n e s s t e c h n o l o g y o f f i c e Bullish on digital: McKinsey Global Survey results CEOs and other senior executives are increasingly engaged as their companies
More informationBuilding a Foundation for Effective Service Delivery and Process Automation
Building a Foundation for Effective Service Delivery and Process Automation Agenda Service Management World Tour IBM Service Management Customer Challenges Overview of Service Delivery and Process Automation
More informationFor Anti-Corruption PILOT PROGRAM RESULTS REPORT
For Anti-Corruption PILOT PROGRAM RESULTS REPORT FEBRUARY 2014 OVERVIEW In 2013 and 2014, 23 companies participated in CREATe Leading Practices for Anti-Corruption, our three-step service that is based
More informationS U R V E Y I D C O P I N I O N. Cushing Anderson
S U R V E Y I m p a c t o f T r a i n i n g o n N e t w o r k A d m i n i s t r a t i o n : C e r t i f i c a t i o n L e a d s t o O p e r a t i o n a l P r o d u c t i v i t y Cushing Anderson I D C
More informationMAJOR INCIDENT MANAGEMENT TRENDS
MAJOR INCIDENT MANAGEMENT TRENDS 5 Survey Report Introduction Reliance on digital infrastructures has dramatically increased the impact and frequency of major incidents. In fact, more than 9 of large businesses
More informationAbout the Pulse of Internal Audit
About the Pulse of Internal Audit Number of Responses The IIA s Audit Executive Center (AEC ) has gathered insight from leaders in the CAEs 460 profession through the annual Pulse of Internal Audit survey
More informationInformatica Reimagines Customer Service for Hyperscale. Industry: Cloud, Data Management, Service & Support Date: July 2018
Informatica Reimagines Customer Service for Hyperscale Market Milestone Industry: Cloud, Data Management, Service & Support Date: July 2018 Executive Summary Key Stakeholders: Data Management Leaders,
More informationAn Insider s Look at Media, Brand Safety, and Partnerships
MARKETERS SURVEY RESULTS 2018 An Insider s Look at Media, Brand Safety, and Partnerships Sizmek Research Contents Executive Summary 3 Marketers and Media: What the Survey Reveals 4 Contextual targeting
More informationDigital business models need advanced operating models
Report GENERATING DIGITAL IMPACT Digital business models need advanced operating models Research findings indicate that harnessing the full power of digital technologies requires a reimagination of operations
More information5 Tips for Improving Collaboration
5 Tips for Improving Collaboration Introduction 2 As a business leader, you re constantly anticipating and responding to the evolving needs of your employees. Because of that, you may be under pressure
More informationWHITE PAPER KEY PRINCIPLES OF INTEGRATED BUSINESS RESILIENCY
WHITE PAPER KEY PRINCIPLES OF INTEGRATED BUSINESS RESILIENCY It s hard to find an organization not impacted by at least one natural, man-made or cyber disruption in 2017. From earthquakes in Mexico, to
More informationAttribution 101: The Savvy Marketer s Guide
Attribution 101: The Savvy Marketer s Guide Balancing Multiple Marketing Channels by Bob Michaelian EVP of Marketing Services, Connexity 1 Search Attribution ebook The Savvy Marketer s Guide to Attribution:
More informationTop 10 pitfalls to avoid when re-inventing your disaster recovery program
The Essential DR Cheat Sheet: Top 10 pitfalls to avoid when re-inventing your disaster recovery program Consult Build Transform Support Every new malicious attack or weather catastrophe underscores the
More informationSeven Key Success Factors for Identity Governance
WHITE PAPER Seven Key Success s for Identity Governance Insights and Advice from Real-World Implementations You have been given a high-profile mission: address urgent audit and compliance requirements
More informationIT Decision Makers Get Information Workplace Platforms But Strategies And Implementations Are Just Beginning To Break Silos
December 5, 2006 IT Decision Makers Get Information Workplace Platforms But Strategies And Implementations Are Just Beginning To Break Silos A commissioned study conducted by Forrester Consulting on behalf
More informationBC & RISK MANAGEMENT: CONVERGENCE IS REAL David Halford Forsythe Solutions Group Frank Perlmutter Strategic BCP
BC & RISK MANAGEMENT: CONVERGENCE IS REAL David Halford Forsythe Solutions Group Frank Perlmutter Strategic BCP WHY THE CONVERGENCE OF BUSINESS CONTINUITY & RISK MANAGEMENT? The convergence of BC and RM
More informationCompany Name: Huron Consulting Group, Inc. (HURN) Event: William Blair 2018 Growth Stock Conference Date: June 14, 2018
Company Name: Huron Consulting Group, Inc. (HURN) Event: William Blair 2018 Growth Stock Conference Date: June 14, 2018 Okay. We're going to go ahead
More informationCreate your ideal data quality strategy. Become a more profitable, informed company with better data insight
Create your ideal data quality strategy Become a more profitable, informed company with better data insight An Experian Data Quality White Paper March 2015 Introduction...1 The levels of data quality sophistication...2
More informationIntelligent Payment Management for Today and Tomorrow Technology Advancement to Navigate the Converging Payments Landscape
Intelligent Payment Management for Today and Tomorrow Technology Advancement to Navigate the Converging Payments Landscape Adapting to the Evolution of Payments The payments industry has evolved extensively
More informationDon t Panic! How to develop and implement an emergency response plan for your attraction
Don t Panic! How to develop and implement an emergency response plan for your attraction Paul Chatelot, Director / Prevention, Safety & Environment DiSNEYLAND PARIS September 19, 2016 Agenda Don t panic
More informationFinancial Supply Chain Transactions: The Rising Importance of Information Protection and Secure Connectivity for Data Exchange
Financial Supply Chain Transactions: The Rising Importance of Information Protection and Secure Connectivity for Data June 18, 2007 Rising Complexity of Financial Supply Chain Transactions and the Role
More informationB U S I N E S S R I S K M A N A G E M E N T L T D
B U S I N E S S R I S K M A N A G E M E N T L T D Governance, Risk and Compliance (GRC) After completing this course you will be able to Course Level Understand the requirements and benefits of GRC Develop
More informationA Business Oriented Architecture. Combining BPM and SOA for Competitive Advantage
Combining BPM and SOA for Competitive Advantage Phil Gilbert Introduction In a recent survey of 1,400 CIOs by Gartner Executive Programs, the top business priority identified by CIOs was business process
More informationChanging Hats: Business Continuity to Operations Risk Manager. Presenter
Changing Hats: Business Continuity to Operations Manager Continuity Insights Management Conference New Orleans, Louisiana Tuesday, April 13, 2008 9:45 11:00 AM Presenter Susan Rogers, MBCP Senior Vice
More information2017 North American Physical Security Intelligence Solutions Company of the Year Award
2017 North American Physical Security Intelligence Solutions Company of the Year Award 2017 NORTH AMERICAN PHYSICAL SECURITY INTELLIGENCE SOLUTIONS COMPANY OF THE YEAR AWARD Contents Background and Company
More informationUS Business Continuity Safeguarding Your Business from a Disaster
US Business Continuity Safeguarding Your Business from a Disaster Juanita Hardin BMO Harris Bank Head TPS Risk and Compliance William Simmons BMO Harris Bank Vice President Business Continuity Management
More informationWelcome! We ll be starting shortly.
Welcome! We ll be starting shortly. We have a plan for that! We have a plan for that! Mission possible: ADP s Global Business Resiliency Program September 8, 2014 Agenda ADP At A Glance BRO: Who We Are
More informationTABLE OF CONTENTS ONLY Business Continuity - Critical Supplier Management Assessment
TABLE OF CONTENTS ONLY Business Continuity - Critical Supplier Management Assessment 2014 Prepared by BC Management, Inc. Benchmarking. Plan Ahead. Be Ahead. Table of Contents Reporting History 4 Study
More informationMeter Reading Profiles & Best Practices 2006
Meter Reading Profiles & Best Practices 2006 Meter reading is the critical first-step in the revenue collection process. For most utilities, meter reading is a labor-intense activity. While the use of
More informationOBSI Strategic Plan
OBSI Strategic Plan 2017-2021 TABLE OF CONTENTS 1. Building OBSI s Strategic Plan... 2 1.1 Strategic Plan Development... 2 1.2 Context and Strategic Response... 2-3 2. The Strategic Plan... 4 2.1 OBSI
More informationBusiness Continuity. Building a Program Fit for Purpose
Business Continuity. Building a Program Fit for Purpose Tim Janes. Director Fulcrum Risk Services Tuesday 2 September. 11.30-12.45 T Janes. BC SLIDES. RIMS Risk Forum Aust 2014 v1.0 Building a BC Program
More informationFOUR STEPS TO BECOMING FLUENT IN THE LANGUAGE OF PRICING
FOUR STEPS TO BECOMING FLUENT IN THE LANGUAGE OF PRICING By Sudipto Banerjee, Amadeus Petzke, Just Schürmann, Matt Beckett, and David Langkamp Pricing is a powerful language. Higher prices can signal different
More information