Risk

Risk potential is everywhere around us... do you know the potential risks to your organization? Identifying risk is the first step in mitigating it, and it should be the first step you take in your business continuity efforts. If you haven't done so, you can still assess your organizational risks and adjust your plan accordingly. This week's articles should help.

One of the most prevalent risks in the 21st century is reputation risk. (Item #1)   How secure is your IT and, therefore, your ability to function as an organization? (Item #2)   If you haven't done a thorough risk assessment, there are some techniques to help you through this process. (Item #3)  

Here are some steps in identifying business risk. (Item #4)   If you're at a loss as to where to begin, these top 10 methods for identifying business risk should help put you on the right track. (Item #5)   Determining your risk from natural disasters can be tricky, but this article can help you out with this. (Item #6)  

As always, we look forward to hearing your comments & insights regarding business continuity. If you have a topic you'd like us to cover, email me at [email protected].

Bob Mellinger, President
Attainium Corp



1. Reputation Risk: A Corporate Governance Perspective

In the last few years, mainly as a result of the erosion of public confidence in business organizations and securities markets, reputation and reputation risk have emerged as significant issues in corporate studies. Reputation has also become a measure of extra-financial value and business success. This comprehensive report covers everything from the need for reputation oversight to dealing with reputation threats.
http://www.complianceweek.com/s/documents/ConfBReputation.pdf


2. Risk Management Guide for Information Technology Systems

An effective risk management process is an important component of a successful IT security program. The principal goal of an organization's risk management process should be to protect the organization and its ability to perform their mission, not just its IT assets. Therefore, the risk management process should not be treated primarily as a technical function carried out by the IT experts who operate and manage the IT system, but as an essential management function of the organization.
http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf


3. Risk Analysis Techniques

Regardless of the prevention techniques employed, possible threats that could arise inside or outside the organization need to be assessed. Although the exact nature of potential disasters or their resulting consequences are difficult to determine, it is beneficial to perform a comprehensive risk assessment of all threats that can realistically occur to the organization. Regardless of the type of threat, the goals of business recovery planning are to ensure the safety of customers, employees and other personnel during and following a disaster.
http://www.drj.com/new2dr/w3_030.htm


4. How to Identify Business Risk

Assessing and reducing business risk typically involves utilizing technology to understand, monitor and control risk. Once you identify and prioritize business risks, techniques to handle it include transferring the risk elsewhere, avoiding the risk, reducing the negative effects or accepting the consequences of the risk.
http://smallbusiness.chron.com/identify-business-risk-780.html


5. Top 10 Methods for Identifying Business Risks

If you ask a business executive to answer "what is your biggest risk," you may get 100 different answers from 100 different people. The worst answer is no answer at all; just a blank stare. The reason is the word "risk" is used too freely and can be defined in too many different ways to be interchangeable in all industries. Only after a risk has been defined will the 10 best methods for identifying that risk be useful.
http://praxiom-rm.com/2011/04/top-10-methods-for-identifying-business-risks/


6. Natural Disasters & Assessing Hazards and Risk

Risk Assessment involves not only the assessment of hazards from a scientific point of view, but also the socio-economic impacts of a hazardous event. Risk assessment aids decision makers and scientists to compare and evaluate potential hazards, set priorities on what kinds of mitigation are possible, and set priorities on where to focus resources. These highlights of a Tulane University course runs down the types of natural disaster risks and how to assess their likelihood.
http://www.tulane.edu/~sanelson/geol204/introduction.htm


Quote of the Week:

"If you don't invest in risk management, it doesn't matter what business you're in, it's a risky business."
-- Gary Cohn, president
Goldman Sachs


Contact Us:

Attainium Corp
15110 Gaffney Circle
Gainesville, VA 20155
www.attainium.net