Every so often (business continuity plan updates, for example), figuratively speaking it’s time to get the crystal ball out and see what the future holds. This is an ambitious undertaking given how difficult it is to know what the weather will be like next week, let alone business in six months’ time. Modern science has also crushed lingering hopes that any certainty might exist anywhere in the universe. This means BC planners have to bite the bullet and accept that figuring out what might be coming down the line means building on uncertainties instead. But then which are the right uncertainties to consider? (more…)
Archive for the ‘Risk Evaluation’ Category
Want to know what’s on the radar screen for economic and technological risks? Or is your interest more in societal and environmental threats? The Global Risks 2012 report from the World Economic Forum has something for everything. It breaks risks out into five global categories – the four we’ve just mentioned, plus a fifth, geopolitical risks. While some of this is beyond the sphere of influence of most individual companies or associations (for example, the militarisation of space), other categories list risks over which they may have more control. (more…)
Much of the difficulty of effective business continuity planning lies in the fact that you need to make detailed plans for things not to happen, rather than just for things to happen. This means the strength of mind necessary for delving into the detail of scenarios that may never come up and simulating situations that may never arise. It also means the leadership qualities to attract and federate, from a business continuity point of view, followers across the whole organisation. It’s a challenge of “distributed detail” and it shows up in at least two key parts of the business continuity planning process.
Awareness is growing around the importance of risk management, and IT’s involvement in ensuring compliance. A special ARN report.
Risk management should be high on the list of priorities right now. If organisations and boards didn’t realise its importance previously, the natural disasters of Queensland, Victoria, Perth, Christchurch, Japan, and, most recently, Myanmar (it’s been a bad start to the year) should have reinforced it.
Then there’s the other, less physical disasters that can hit organisations. RSA security gets broken through, Anonymous effectively pulls Visa and MasterCard offline. Locally, Virgin runs into a PR disaster when its customers struggle with its systems.
Michael Jenkin from Business Technology Partners, posted an Article in ARN on the 22nd March; discussing redundancy in the IT world.
What an interesting article. This will get you thinking about Cloud Computing solutions for your business. Have you dotted your ‘I’s’ and crossed your ‘T’s’. Have you opted for the cheaper option? Have you missed something?
“Truly, you can never have too much redundancy. You can allow for everything that can possibly go wrong, still something will be left out of your risk analysis and come at you from an unexpected angle.” Michael Jenkin, Too much redundancy is a myth, ARN 22nd March.
Click here to see the full article.
OpsCentre will be hosting a Round Table on the 28th of April at the Vibe Hotel in Sydney; to register click here.
We will be discussing the risks associated with cloud computing with industry professionals.
To get you warmed up for the discussion have a look at this very informative clip posted by Macquarie Telecom discussing Cloud computing and the risks associated with off-site data storage.
Click here to watch the Macquarie Telecom Clip.
Operational Risk emerges from various sources; sometimes lying undetected for years, or more often, unexpectedly, catching executives off-guard. Join us for this roundtable discussion to share your ideas and find out how your peers mitigate operational risk and ensure protection of their organisation’.
The discussion is relevant to Chief Executives, Chief Financial Officers, Managing Directors, Business Continuity Managers, Risk and Compliance Managers, and all senior executives looking to assess and mitigate risks during 2010/11.
Rod Crowder, Managing Director of OpsCentre, will facilitate an open and unbiased discussion between participants; providing an opportunity to comment and discuss individual perspectives and share related issues and experiences with each other. He will outline a number of action areas where senior executives can gain rapid traction on this important challenge.
Operational Risk is one of many categories of risk managed by all organisations, others include; strategic, compliance, reporting, market, credit, legal, political and insurance risks. Whilst some types relate to generation of strategic advantage or profitability, operational risk is inherent to the imperfections or errors of its people, processes and technology assets. Organisations must assess the likelihood and impact to generate an overall rating, against which mitigation strategies can be implemented or accept a level of ‘residual risk’.
Our round table discussion topics include:
What are the major categories of operational risk?
How are organisations assessing qualitative and quantitative operational risks?
How does ‘risk appetite and tolerance’ vary across different organisations?
What strategies, methods and tools are organisations using for risk mitigation?
What operational risk management standards or ‘good practice guides’ are relevant?
What experiences do people have in responding to incidents?
We look forward to sharing your views and perspectives at our Roundtable.
Thursday July 08, 2010, 4:00PM to 6:00PM
OpsCentre - Level 18, 323 Castlereagh Street, Sydney 2000 Australia
Audio: +612 6108 4655, Access Code: 672-734-064
Audio PIN: Shown after joining the meeting
Meeting ID: 672-734-064
Contact Rod Crowder ASAP to register your attendance.
About your Facilitator
Rod Crowder is Managing Director of OpsCentre, a boutique provider of risk, business continuity and disaster recovery consulting, software and training solutions. He has worked in the Management Consulting sector for 17 years in a variety of management, training, facilitation, project management and consulting roles.
Rod has project managed and consulted on projects for organisations including Telstra, Lend Lease, Nestle, Hewlett Packard, Fujitsu Australia, DCA Group, Thomson Legal and Regulatory, Omnilab Media Group, Ambience Entertainment, Amity Group, Amnesty International, Integral Energy, Coates Hire, Westlink M7, Hills M2 Motorway, Franklins Foods and several Federal and NSW Government Agencies, and local councils.
He has undertaken extensive overseas consulting assignments in Hong Kong, Singapore, Japan, New Zealand, USA and Europe. He holds a Higher National Diploma in Computer Studies from Brighton University in the UK.
OpsCentre has uploaded a video about Risk Management to our You Tube Channel…
Compliance is an outcome of an organization meeting its obligations. Policies and procedures to achieve compliance must be integrated into all aspects of how the organization operates. Compliance should not be seen as a standalone activity, but should be aligned with the organization’s overall strategic objectives. An effective compliance program will support these objectives.
While maintaining independence, compliance should be integrated with the organization’s financial, risk, quality, environmental and health and safety management systems and its operational requirements and procedures.
Compliance programs should be shaped by an organization’s core values and generally accepted corporate governance, ethical and community standards.
An effective organization-wide compliance program results in being able to demonstrate its commitment to compliance with relevant laws, including legislative requirements, industry codes, organizational standards as well as standards of good corporate governance, ethics and community expectations.
Based on AS3806 (Compliance Processes), AS4360 (Risk) and ISO9001 (Quality), OpsCentre provides a number of compliance management services, including:
• Health checks and reviews of existing compliance systems
• Facilitation of development of compliance programs
• Identification of an organization’s compliance obligations: legal, regulatory and organizational.
• Assisting with documentation of necessary compliance processes and procedures
• Facilitation of development of compliance programs
• Compliance training and awareness programs
• Facilitation of executive compliance management
Business functions, systems or processes to be outsourced locally or internationally should comply with the organisation’s Business Continuity Management Policy and Outsourcing Policy. It is the responsibility of business owners, in conjunction with the sourcing department, to conduct adequate due diligence on the business recovery capability of the outsourced partner, however the relevant Business Continuity Managers need to ensure that all operational aspects of the functions outsourced are captured and reflected in the contractual documents.
Are your outsourced service and other third party providers are considered in your business impact analysis and business continuity strategy?
Many organisations have business continuity plans designed to cater for major catastrophes but often don’t consider some of the less dramatic but more common causes of business interruption such as extended power or IT failures. Consider whether your BCP has the flexibility to respond to the wide variety of incidents that may occur.