Forrester Research and the Disaster Recovery Journal have teamed up to launch a study examining the state of business and technology resiliency.
Organizations encounter risk every day as they pursue their objectives. In conducting appropriate oversight, management and the board must deal with a fundamental question: How much risk is acceptable in pursuing these objectives? Added to this, regulators and other oversight bodies are calling for better descriptions of organizations’ risk management processes, including oversight by the board.
From Enron and WorldCom to the more recent financial crisis, events of the last decade have fundamentally shifted how organizations think about risk. Companies around the world have made substantial investments in personnel, processes and technology to help mitigate and control business risk. Historically, these risk investments have focused primarily on financial controls and regulatory compliance.
However, these investments have often not addressed more strategic business risk areas. As a result, senior executives may not perceive risk management as strategic to the enterprise. Senior executives also may not have sufficient confidence in their ability to identify and address the risks that could impact the financial performance − or even the viability — of their organization.
A strategic question presents itself: “Do organizations with more mature risk management practices outperform their peers financially?”
See Turning risk into results: How leading companies use risk management to fuel better performance by Ernst & Young.
Your enterprise approach to business risk and its influence on corporate governance will be profoundly influenced by by David Kaye and Julia Graham in their landmark book, A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance.
Every indication suggests that we have passed a major inflection point in the continuity industry.
Enterprise security budgets have always been difficult to justify, and the global economic crisis is making this critical process even more difficult, according to Gartner, Inc. Corporate security professionals face a complex situation as they work with highly constrained financial and staffing resources to manage and mitigate a rapidly changing and expanding risk environment.
Nearly three-quarters (74%) of businesses are taking a hands on approach to managing supply chain risks, according to the latest Risk in 21st Century Supply Chains survey, the second report from global risk adviser Aon and strategic business partner State of Flux.
Sixty-seven percent of businesses want to adopt a more strategic approach to risk management, of which ERM (enterprise risk management) is generally seen as a key component, according to the findings in the Excellence in Risk Management VI: Strategic Risk Management in Practice report, a collaborative effort between Marsh and Risk and Insurance Management Society, Inc. (RIMS).
Successfully resuming business operations after a significant business interruption or disaster requires a business continuity plan developed by an influential business executive, experts say. This contrasts with the reality at many organizations, where the IT executive who successfully developed the disaster recovery plan and/or the business continuity plan for IT is tapped for the broader initiative.
The turmoil in the financial industry has brought a greater awareness of enterprise risk management (ERM) and the technologies that risk practitioners use to implement ERM programs. The Risk and Insurance Management Society (RIMS) recently published an executive report titled Enterprise Risk Management Technology Solutions to help risk managers identify and evaluate appropriate technology system functionality for their ERM practices.
The Risk and Insurance Management Society (RIMS) recently issued a white paper entitled: The 2008 Financial Crisis: A Wake-up Call For Enterprise Risk Management, which reports that ERM could have ”identified and mitigated losses” for many of the entities affected.
The IT Governance Institute recently issued an exposure draft of its research publication Enterprise Risk: Identify, Govern and Manage Risk, The Risk IT Framework. This IT enterprise risk management framework is designed to allow business managers to identify and assess IT-related business risks and manage them effectively.