Risk Management

Risk is anything that can derail your organization from accomplishing its mission. You need to identify the risks, determine their probable impact on your organization, then determine which risks to accept, which to mitigate, and how to deal with them. This week's articles can help you with that task.

How are business continuity and risk management related in your organization? (Item #1)   A Microsoft manager shares some insights into how his company reduces risk. (Item #2)   Which approach to risk was right in this case? (Item #3)  

Are you aware of the risks involved in ending relationships with employees and vendors? (Item #4)   Don't look too closely at risk... stepping back can give you a more critical view. (Item #5)   Here are some tips to help you plan your risk management strategy. (Item #6)  

As always, we look forward to hearing your comments & insights regarding business continuity. If you have a topic you'd like us to cover, email me at [email protected].

Bob Mellinger, President
Attainium Corp

1. Is business continuity a subset of risk management?

The author explores the relative positioning of business continuity and risk management within organizations and explains why this is an important debate. It's a debate on which there are three points of view: those that say the functions are closely related and sit side by side; those that feel they are indelibly linked and that continuity is a component of the risk function; and those that agree to the link between the two but not the order of hierarchy.
http://www.continuitycentral.com/feature0178.htm

2. Reducing Operational Risk through Business Continuity Management

The goal of any Business Continuity program should be to create and maintain operational resiliency. A Microsoft program manager shares some insights about the company's approach. There is a link to a companion video if you wish to watch it.
http://blogs.msdn.com/b/infosec/archive/2010/01/20/reducing-operational-risk-through-business-continuity-management.aspx

3. A Tale of Two Risk Management Decisions

Two of us looked at an event and made similar estimates of the likelihood of it recurring. However, one of us chose to accept the risk; the other, chose to mitigate it. Which of us was right?
http://www.riskythinking.com/articles/article2.php

4. Happy Endings

Every day across the U.S., nonprofit leaders experience endings of one kind or another. The departure of a long-time employee, the retirement of a board member, and the decision of a small commercial vendor to narrow its scope of services are just a few examples of common endings. The purpose of this article is to offer practical advice about managing the risks associated with relationships that are fated to end.
http://www.nonprofitrisk.org/library/newsletter/rme_fall_2010.pdf

5. Stepping Back: The Outer Rim of Risk

The discipline of risk management invites a close-up examination of events and circumstances that threaten the mission and goals of an organization or that offer the promise of mission-advancing benefit. Nonprofit CEOs, CFOs, senior staff and even board members are instinctively drawn to taking a closer look at the risks that cause them to lose sleep or inspire optimism about the future.
http://www.nonprofitrisk.org/library/articles/Stepping_Back.shtml

6. Risk Management - Tips to Plan A Strategy

While interruption and recovery due to physical loss may be covered through Property and Business Interruption insurance, loss of data, software or communications requires some early and careful planning. Without access to these elements your ability to carry out basic customer service could come into question, resulting in growing customer dissatisfaction. Regardless of whether your business disruption is computer related or not, you should have a well-prepared plan to deal with unforeseen circumstances. The ultimate objective is to allow your business to respond quickly, ensuring the impact of disruption is minimized.
http://www.ceoonline.com/pages/2_9_1466.aspx