Posts Tagged ‘risk management’

Four ways to make your firm risk resistant

Friday, May 17th, 2013

Regulatory pressure is consistently one of the biggest threats facing companies across industries, and the number one challenge facing financial services and energy and natural resources companies, says a new KPMG survey.

A full seventy percent of c-suite executives, across all industries, say that regulatory changes have caused either substantial or moderate changes in their risk management and reporting processes in the past two years.

  • 59 percent of c-suite executives at financial services companies and 53 percent of c-suite energy and natural resources executives identified regulation as their top threat
  • 50 percent of health care executives said government pressure to contain spending was their biggest threat
  • 49 percent of executives in diversified industrials said an economic slowdown in OECD markets was their biggest risk
  • 44 percent of executives in technology, media and telecom said a slowdown in demand was their biggest threat

Risk management not advancing fast enough

“We found that risk management is not advancing fast enough at most companies in the face of an array of threats in an increasingly complex global economy,” said Mike Nolan, KPMG International’s Global Leader for Risk Consulting.

“But companies can transform these challenges into a competitive advantage.  All of their competitors are in the same boat, but very few are going to take advantage of the regulatory onslaught to become more competitive.  The companies that do will be in a strong position to turn regulatory risk into an advantage.”

According to the KPMG report, in the financial services industry, banks and other financial institutions face a plethora of new regulations, especially in Europe and the United States, where international banks face at least 40 major sets of new regulations that affect everything from how retail customers are treated to the way derivatives are traded.

In addition, new global regulations for bank capital and liquidity, known as Basel 3, came into effect in January 2013.

The survey also revealed: 

  • Despite their awareness of the risk environment and devoting more resources to risk management, many companies struggle to communicate their risk program with stakeholders, link risk management with compensation and build an enterprise-wide view of threats.
  • 86 percent of survey respondents said risk management is factored into strategic planning decisions
  • Two thirds of respondents said they will invest more in risk management as a proportion of corporate revenue in the next three years than they did in the previous three
  • Almost half profess difficulties in understanding their enterprise-wide risk exposure
  • Less than one fifth have developed a formal risk appetite statement, yet this is an important step in risk management
  • Less than half believe their organization is effective at developing stakeholders’ understanding of the risk program
  • 43 percent said there was a weak link between risk management and compensation

“While the global financial crisis has created significant challenges for businesses, one positive outcome is boards’ desire for greater understanding of integrated risk management,” said Nolan.

“As trusted advisors, handling strategic risk is not about compliance and box-ticking, it is a critical investment companies make that can underpin an organization’s long-term growth, value and sustainability.  It’s all about risk optimization and aligning an organization’s risk appetite with desired returns.”

Four steps

Within the key areas covered by the survey, KPMG has outlined opportunities for leaders to foster a risk-resilient culture within their organizations, including:

Define, operationalize and articulate risk appetite
With today’s complex and changing risk environment, it is essential that companies clearly define and articulate their appetite for risk. Only then can they begin to integrate risk management into the overall corporate strategy, making it an essential part of collaborative decision making, discussion, debate and learning.

Improve communication across the enterprise
By clearly defining roles in the three lines of defense (i.e., business units, risk management and compliance functions, and internal audit), companies can close gaps in managing priority risks and eliminate duplication of efforts.

Also, by improving the quality and visibility of risk information through greater sharing, companies can create a seamless flow of information that will benefit all lines. Effective communication with stakeholders will enhance their understanding of the risk program and positively impact value in the minds of the board, investors and regulators.

Develop and reward your people
Technology is an enabler of the convergence of risk and control functions, but human skills are essential if companies are going to manage the complexity of this kind of convergence.

The setting of common goals for risk and compliance can only be done with sufficient numbers of people with the right skills. Furthermore, by including risk management as an important attribute for leadership with the ability to manage risk as part of regular performance reviews, companies can reward employees for prudent decision making, not just for aggressively hitting financial targets.

Clearly define Return on Investment
One clear trend in the survey is that companies are spending more to strengthen risk management despite their struggle to estimate its ROI. By understanding the link between risk management and corporate strategy and how identified risks threaten the achievement of business objectives, executives can move risk management from a theoretical exercise to a business tool.

The KPMG Global Survey, Expectations of Risk Management Outpacing Capabilities—It’s Time For Action, was conducted by the Economist Intelligence Unit and can be found here.

Does your company hinder peak performance?

Monday, April 15th, 2013

CEB (NYSE: CEB), a member-based advisory company, says its latest Executive Guidance indicates that 72 percent of companies are hindering peak performance with outdated and overly restrictive approaches to information security.

In today’s collaborative work environment, the ability to access and leverage information is more critical than ever before to drive productivity and growth.

Unfortunately, most companies are working with outdated policies that limit this access, resulting in as much as $20 million in performance drag annually for large organizations.

In a study of 3,000 executives and more than 220,000 employees, CEB found that companies must change the way they think about information risk, shifting from a “reduction” to a “management” mindset in order to maximize productivity and achieve business goals.

Given that 81 percent of senior executives report that new uses of information are central to their growth strategy and 93 percent of employees admit to violating information security policies because they prevent them from doing their jobs effectively, organizations must learn to balance the risks and rewards of information access as a necessary cost of doing business.

“Most risk managers mistakenly believe their role is to reduce risk. Instead, the primary goal of information risk management must evolve from risk reduction to maximizing the business value of information,” said Jeremy Bergsman, managing director, CEB.

“Business unit leaders need to manage information risk differently to taking accountability for decision making. Risk management functions, including information security, legal and enterprise risk management, must work jointly to define the scope to be managed and the set of activities necessary for business leaders to successfully share responsibility.”

Business leaders seeking to manage risk effectively should stop risk managers from focusing on risk reduction, and instead direct them to empower business unit leaders to share in the risk management process.

By redefining information risk management as maximizing the business value of information, organizations can make responsible decisions that increase productivity and drive growth.

To learn more about the challenges of information risk management, visit CEB’s Executive Guidance.

Finance executives want to improve business intelligence, risk management

Friday, August 24th, 2012

What do finance executives rank as their highest priorities in today’s world of complex transactions?

Not surprisingly, number one on their list is better business and competitive intelligence, according to the results of the 2012 Finance Priorities Survey conducted by Protiviti, a global consulting firm.

In the financial analysis category of the study, competitive intelligence (competitors, suppliers, regulatory environment, geopolitical climate, etc.) ranked as the top area of focus. Business intelligence (operations reporting) and executive dashboards tied for the second spot.

“A robust competitive intelligence capability enables companies to scrutinize the external landscape continually for information that decision-makers need to identify new growth opportunities and minimize and/or avoid strategic risks,” said James Pajakowski, executive vice president of global risk solutions for Protiviti.

Other areas of concern for financial execs, the study says, include:

Bolstering financial risk management. Recent problems in that area such as JP Morgan Chase’s huge loss exposed the risky side of banking.

Complex transactional issues also rate as top priorities, the report says.

Financial institutions are under increased pressure to make traditional, transaction-heavy processes as efficient as possible, thus freeing up more time for financial analysis and business decision-support activities.

All of these priorities should be good news for IT and for companies with products that help the finance industry address these concerns.

Should you be able to tackle fantasy football play at work?

Wednesday, August 8th, 2012

According to a new survey from Yahoo! Sports, the average fantasy football player spends more than 4 hours a week prepping for their fantasy matchup, an amount of time that would earn them more than $500 working a minimum-wage job over the course of a full season.

Some people even play at work – which, surprisingly enough, doesn’t bother some firms, while others ban it, according to a poll of HR execs.

While some companies see it as a team-building activity, others have fired workers for playing on the job.

About 8 percent of fans admit to spending more than 10 hours a week preparing for fantasy football – the same percentage of fans, coincidentally, who report that they have been dumped due to a fantasy football obsession.

Other key findings include:

  • Fantasy football over sex?
    While 16% of respondents would give up sex for the entire season to win their fantasy league, more (19%) are willing to give up their mobile phone. The most respondents, 39%, would give up beer to win their league.
  • Fantasy football and real money
    75% of fantasy football players are willing to bet on fantasy football, with 12% open to wagering more than $250 in their league.
  • Favorite teams vs. fantasy teams
    35% of fantasy football players have rooted against their favorite NFL team when they had a fantasy player on the opposing team.
  • The most powerful man in sports
    Roger Goodell, NFL commissioner, was considered by the most respondents (26%) to be the most powerful commissioner in professional athletics by a significant margin — more than the NBA’s David Stern (10%), MLB’s Bud Selig (9%) and the NHL’s Gary Bettman (3%) combined.
  • Gender bias?
    43% of fans think we are more likely to see a woman become President of the United States than be in charge of a professional sports league as a commissioner, and 25% think neither is likely.

You too, can be a sports commissioner

The results of the Yahoo! Sports survey were released today to kick off the announcement of Yahoo! Sports’ Commissioner Appreciation Day on Monday, Aug. 27, to recognize and reward the important roles commissioners play before and during fantasy football season.

Serving as commissioner of a fantasy football league can be a thankless job, but not this year. Yahoo! is giving three grand prize winners of the inaugural Commissioner Appreciation Day the chance to win two tickets from SeatGeek to eight regular-season games of the pro football team the winner chooses.

If you’re responsible for reviewing trades, collecting dues, scheduling drafts, and settling disputes, Yahoo! is making it worth your trouble this year.

Simply go to http://football.fantasysports.yahoo.com/f1/signup and create a league on Yahoo! Fantasy Football 2012. Once you’ve established yourself as commissioner of a league, tweet your numerical League ID to @YahooSports using the hash tag #YahooCommish before 5 p.m. (PT) on Aug. 27 and you’re automatically entered to win a number of prizes leading up to Commissioner Appreciation Day.

In addition to the grand prize, 15 commissioners will be eligible for one-on-one consultations with one of Yahoo! Sports’ Fantasy Football analysts – Andy Behrens, Brad Evans, Brandon Funston, or Scott Pianowski – and you can also have a chance to win other prizes, including Yahoo! Fantasy Football T-shirts, which will be awarded throughout the contest. All winners will be selected randomly from the pool of eligible entrants.

Companies have a long way to go building risk management awareness

Friday, March 9th, 2012

Global companies are intensifying their focus on enterprise-wide risk management (ERM) in the wake of the 2008 financial crisis and recession, but most executives feel their companies have a long way to go in building an effective, risk aware culture, according to a new survey by Harvard Business Review Analytic Services.

Over two-thirds of 1,419 business executives surveyed in the new research sponsored by Zurich said risk management has increased in importance over the past three years. Yet only one in ten said their executive management is “highly effective” in creating a strong risk-management culture.

And while the need to link risk information to strategic decision making was identified as extremely important, only 14% felt their organization did that extremely well.

Among the top barriers to better risk management cited:

  • Over-focusing on compliance rather than fundamental processes (42%)
  • Lack of strong management support (41%)
  • Reluctance to de-silo related information (35%)

A majority of the companies said their approach to enterprise risk management continues to be basic or reactive. However, about 40% of executives surveyed considered their approach to ERM to be “proactive,” involving the board as well as business and functional leaders at all levels of the organization.

This “best practice” group included financial services, health care, and energy companies and those with 10,000-plus employees. But many other industries have instituted ERM processes or improved their practices.

Executives in companies taking the proactive approach said that integrating risk management and corporate goals was key to gaining competitive advantage.

The study made clear that risk management needs to have a clear owner to be effective. Executives reported that Chief Risk Officers are far more likely to oversee risk management now than three years ago, although the CEO bears ultimate responsibility.

The study also found that at companies with strong ERM processes, “ownership” of risk stays in the hands of business and functional leaders. The CRO’s role is to advise and assist them, staying in regular communication and providing them with resources to better manage risk themselves. The result is what executives interviewed for the study call a “collaborative culture” that integrates risk awareness into the company’s strategic planning.

“Ownership of risk cannot be overstated, since the survey indicated that companies that employ a Chief Risk Officer, who works in tandem with the CEO and their executive leadership, scored highest in proactively managing risk in the organization,” said Alex Clemente, managing director of Harvard Business Review Analytic Services.

Integrated approach helping

Some of the top benefits of ERM that respondents cited were not directly related to risk management. Instead, respondents described the integrated risk management approach as helping their companies achieve better operational performance by removing siloed communication and by fostering:

  • Improved strategic decision making (39%)
  • Improved governance (34%)
  • Increased management accountability (31%)

Executives in the survey stressed that their goal was not to create a risk-averse environment but one in which better measurement and understanding of risk gives them more confidence about making strategic decisions to build the business.

“There is no doubt that in today’s challenging environment customers, shareholders and employees expect clear commitment to comprehensive and forward looking risk management from top management and board. Supporting the findings of the survey that it is extremely important to link risk information to strategic decision making, 41% of the companies said they are deepening and extending the ties between risk management and strategic planning,” said Axel Lehmann, Chief Risk Officer at Zurich.

To access a copy of the Risk Management in a Time of Global Uncertainty report, please visit: www.hbr.org/white-paper/risk-management.

Dramatic changes ahead for cyber security in 2012

Friday, December 30th, 2011

With high-profile security breaches in the news throughout 2011, security firm Agiliance sees dramatic changes ahead for the security industry in 2012. Its list of predictions for the coming year in security focuses on mobile, cloud computing, legislation, and social media.

These predictions are based on the company’s engagement with Global 2000 companies, government agencies, fellow security vendors, industry analysts and security consultants, as well as market research it conducts on a regular basis.

Topping the list is Agiliance’s prediction that organizations will recognize that risk is security’s new compliance.

A risk-based approach and holistic view of the organization’s IT infrastructure will be driven by further consumerization of IT, challenges related to social media as an instrument in cyber warfare, stricter enforcement and new legislation focused on data protection, threat information sharing, and incident disclosure, as well as the emerging need to assess cloud service providers’ ability to enforce security policies and continuously maintain an adequate compliance posture.

“For many years, complying with government standards and industry regulations has been seen as a check box in the lengthy list of IT security tasks,” said Torsten George, vice president of worldwide marketing at Agiliance.

“In 2012, we will see progressive organizations applying a risk-based, continuous approach to security. By doing so, they will be able to make risk visible, measurable, and actionable.”

Specifically, Agiliance expects dramatic changes in the following areas:

Mobile Devices and Social Media
New products and services will emerge that deal with the necessary delineation of employer-owned versus employee-owned data on mobile devices.

These products will go beyond anti-virus and malware software to deal with embedded strong authentication, secure mobile operating systems scanners, mobile operating system vulnerability scanning, and data segregation / encryption. For social media threats, existing security tools’ capabilities will be extended to cover monitoring of social media networks to tackle the emergence of social media cyber warfare.

Cloud Computing Security
Agiliance predicts an acceleration of efforts to create standards around cloud security, primarily driven by the data consolidation efforts of the U.S. government as well as wide-ranging support of the Cloud Security Alliance. Independent, continuous monitoring of cloud service providers’ security controls will become a standard part of service level agreements.

Legislative Initiatives
Agiliance predicts that, in the second half of 2012, a government mandate will be passed that will lead to a pro-active Information Security Risk Management system and related best practices to tackle cyber security threats.

Similar to the stricter enforcement of the HITECH Act by the HHS, regulatory penalty cases will surge in 2012. Furthermore, privacy audits are becoming a major driver behind security tool investments as organizations are coming up short on audits relating to data breaches, disclosure notifications, data handling, attribution, and incident closure.

Anti-Cyber Crime Collaboration
Sharing of sensitive threat information will become essential to prevent widespread cyber attacks across different verticals and industries. Nowadays, cyber criminals are coordinating their efforts and are well-versed in sharing vulnerabilities and attack methodologies. They even have their own online communities where they exchange information.

This is unmatched by the commercial sector and government agencies. As a result, Agiliance predicts that the increase in cyber security attacks and data breaches will lead to the introduction of a formal information sharing database that will be made accessible to a broader group.

Risk is Security’s New Compliance
With more than 365 security incidents reported this year to date, affecting over 126 million records, cyber security attacks have become a mainstream event in the industry.

Based on these changes, Agiliance predicts further increase in demand for software tools that are able to aggregate data from existing security tools and information management applications to make risk visible, measurable, and actionable.

These tools will not only provide advanced reporting capabilities, but interconnectivity to ensure that remediation actions can be triggered and followed through easily. To better describe the capabilities of these tools, analysts will create a new software category called Security Risk Management.

For the in-depth predictions, data, and accompanying graphics, please see Agiliance’s 2012 IT Security Predictions: http://www.agiliance.com/forms/WhitePaperReg.html?doc=Security_Predictions.

Tampa-based Pilgrim Software lands investment from Riverside Partners

Thursday, February 24th, 2011

TAMPA, FL – Pilgrim Software Inc., a provider of enterprise software focused on compliance, quality, and risk management, has received an investment in an undisclosed amount from Boston’s Riverside Partners. Pilgrim’s software helps companies in regulated industries – particularly within the life sciences and healthcare industries – manage an increasingly complex regulatory and compliance environment. Riverside’s investment was completed in partnership with the Pilgrim management team and founders of the business.

Pilgrim offers a fully integrated suite of enterprise software to hundreds of blue-chip customers in the life science, food and beverage, and manufacturing industries. Pilgrim boasts industry-leading customer satisfaction and retention rates and has received numerous awards for its offering, including Frost & Sullivan’s Enterprise Compliance & Quality Mgmt Company of the Year for three years in a row.

The company offers its customers both a perpetual license and a subscription-based (hosted) model.

“Pilgrim has built a software platform that helps customers improve overall governance, compliance, and quality; increase productivity; lower costs; and reduce risk. Pilgrim’s products suite is particularly relevant in this era of increased scrutiny by the FDA and other regulatory bodies,” said Philip Borden, a General Partner at Riverside Partners.

“Pilgrim Software removes the need for paper-intensive compliance and quality processes, and enables companies to streamline their operations. Pilgrim addresses a critical need in today’s highly regulated environment and we look forward to partnering with the Company to help it continue on its strong growth trajectory.”

TechJournal South is a TechMedia company.

Altegrity gobbling up Kroll for $1.13 billion

Monday, June 7th, 2010

FALLS CHURCH, VA – In the latest in a series of recent acquisitions, Altegrity, a screening and security solutions company, has acquired risk management firm Kroll Inc. in an all-cash deal valued at $1.13 billion.

In February, Altegrity acquired DC-based Corporate Risk International.

In November, it acquired John D. Cohen Inc., a contract provider of national security policy guidance and counsel to the federal government.

Following the completion of the transaction, Altegrity companies will have approximately 11,000 employees across 30 countries providing information and insight to business leaders making decisions about employment, litigation, investment, security, risk and regulatory compliance matters.

Altegrity acquires DC-based Corporate Risk International

Monday, February 1st, 2010

WASHINGTON, DC – Altegrity Risk International Inc. has acquired DC-based Corporate Risk International, a business intelligence and risk management firm.

Among other services, CRI handles cases involving kidnapping, illegal detention, and extortion. Since 1993, CRI has successfully responded to more than 500 such crises in every major country around the globe.

Terms of the deal were not disclosed.

Founded in 1991, CRI specializes in U.S. and international due diligence and investigative projects, white collar crime investigations, business intelligence gathering, undercover investigative operations, and anti-money laundering analyses. The company also conducts security and risk assessment surveys and provides crisis management and executive protection services.

New York-based Altegrity Risk International provides high quality due diligence, investigative, analytic, consulting, intelligence, and security solutions to multinational corporations and other organizations around the world.