CARVER is a system for assessing and ranking threats and opportunities. Developed during World War II, CARVER (then one letter shorter and known as CARVE) can be both offensive and defensive, meaning it can be used for identifying your competitors’ weaknesses and for internal auditing. In addition, many security experts consider it the definitive assessment tool for protecting critical assets.
Since it draws on both qualitative … [ Read more ]
Content: Article | Author: Luke Bencie | Source: Harvard Business Review | Subject: Risk Management
In the early days of building a company, it’s hard to step back and think about the bigger picture when there are always so many fires to fight or opportunities to chase down. That’s a shame, because looking at your business from a 50,000-foot view often reveals areas of misplaced focus or resource misallocation.
One technique that can break through the bubble of always being in … [ Read more ]
Content: Article | Author: Leo Polovets | Subjects: Entrepreneurship, Risk Management
The critical question for executives concerned with their organization’s risk appetite is whether they are trusting their employees, at all levels, to make big enough bets without subjecting them to red tape.
Content: Quotation | Authors: Julie Goran, Laura LaBerge, Ramesh Srinivasan | Source: McKinsey Quarterly | Subjects: Management, Organizational Behavior, Risk Management
After watching other founders – including myself – flail about, pivoting their way through the darkness, I’ve become obsessed with being more systematic and disciplined about entrepreneurship. So I decided to take Leo Polovets’ lead and standardize risk management into a single spreadsheet, which you can copy, download, or remix.
Content: Article | Author: Josh Smith | Subjects: Entrepreneurship, Risk Management
In our experience, it helps to think of a crisis in terms of “primary threats” (the interrelated legal, technical, operational, and financial challenges that form the core of the crisis) and “secondary threats” (reactions by key stakeholders to primary threats). Ultimately, the organization will not begin its recovery until the primary threats are addressed, but addressing the secondary threats early on will help the organization … [ Read more ]
Content: Quotation | Authors: Mihir Mysore, Sanjay Kalavar | Source: McKinsey Quarterly | Subjects: Management, Risk Management
Nonfinancial risk has typically been addressed by one-off showcase initiatives based on a specific regulation or requirement, and left to experts in each field. What principles exist typically focus on adhering to formal standards and providing evidence that appropriate controls are in place. They are usually not embedded into the business but are instead delegated to risk and compliance departments, which have a limited understanding … [ Read more ]
Content: Quotation | Authors: Joseba Eceiza, Piotr Kaminski, Thomas Poppensieker | Source: McKinsey Quarterly | Subject: Risk Management
Traditional risk management policies and procedures were not designed for, quite literally, minute-by-minute monitoring of social media chatter to identify brand, strategy, compliance, legal and market risks.
Those risks are considerable. Financial institutions have had to shut down social media forums due to unanticipated negative feedback; the stock markets have been buffeted by fraudulent social network postings; businesses have had to change or rescind strategies … [ Read more ]
Content: Article | Authors: Jonathan Narveson, Rafael Gomes, Steve Culp | Source: Outlook Journal (Accenture) | Subject: Risk Management
No one can predict when disaster will strike—but knowing what to expect if it does will buy precious time.
Content: Article | Authors: Mihir Mysore, Sanjay Kalavar | Source: McKinsey Quarterly | Subject: Risk Management
Risk managers may argue that the basic principles of Risk and Control Management (R&CM) are well established, and indeed enshrined, in industry standards. The concepts may indeed be broadly known, but they are applied in such a scattered fashion that they are not fit for purpose.
The resourcing and costs of the R&CM approach should be aligned with the company’s structure, business model, and risk profile. … [ Read more ]
Content: Article | Authors: Joseba Eceiza, Piotr Kaminski, Thomas Poppensieker | Source: McKinsey Quarterly | Subject: Risk Management
Fast Company’s most extensive article in eight years, informed by hundreds of hours of interviews from inside and around the company, thousands of pages of documents that were leaked to us, on-site reporting from farms to industrial kitchens, and revealing discussions with Steve Ells, his co-CEO Monty Moran, and other top Chipotle leaders. It is an eye-opening, entertaining, and unvarnished look at a company and … [ Read more ]
Content: Case Study | Author: Austin Carr | Source: Fast Company | Subjects: Management, Risk Management | Company: Chipotle
Nestlé spent three decades building a beloved noodle brand in India. Then the world’s biggest food and beverage company stumbled into a public relations debacle that cost it half a billion dollars. A cautionary tale of mangled crisis management on an epic scale.
Content: Case Study | Author: Erika Fry | Source: FORTUNE | Subjects: Marketing / Sales, Public Relations, Risk Management | Company: Nestlé
The accessibility and fluidity of social media leaves organisations open to significant risks. But there are countermeasures organisations can take to prevent reputation disaster.
Content: Article | Author: Gilles Hilary | Source: INSEAD Knowledge | Subject: Risk Management
When companies think about cybersecurity […] most ask, “How can we protect ourselves and comply with standards or regulations?” instead of “How do we make confident, intelligent investments given the risks we face?” Many also treat cybersecurity primarily as a technology function rather than integrating it into business operations. As a result, they get the wrong answer about how to construct a cybersecurity program.
Content: Quotation | Authors: Chris Rezek, James M. Kaplan, Tucker Bailey | Source: McKinsey Quarterly | Subjects: IT / Technology / E-Business, Risk Management
The problem with many catastrophic risks isn’t just that their impacts, when they hit, are so massive. It’s also that their odds of occurring in any given short time frame are very small, so that planning for them has to be handled as a long-term priority while the proverbial sun is shining. And neither companies nor individuals are particularly apt at taking serious, long-term action … [ Read more ]
Content: Multimedia Content | Source: Knowledge@Wharton | Subject: Risk Management
Globalization has created new opportunities and new threats. As sourcing from around the world made supply chains longer and more complex, the volatility inherent in production significantly increased. The number of supply chain members and the interactions among them has grown, exacerbating the lack of transparency in the operating environment. Company executives have increased profitability through ever-shorter times-to-market and product life-cycles, business processes improvement, just-in-sequence … [ Read more ]
Content: Article | Authors: Bublu Thakur-Weigold, Kamil J. Mizgier, Stephan M. Wagner | Source: Ivey Business Journal | Subject: Risk Management
Just imagine, a few centuries ago, who would have thought that everyone will be able to read and write? Now, today, we need risk literacy. I believe if we teach young people, children, the mathematics of uncertainty, statistical thinking, instead of only the mathematics of certainty – trigonometry, geometry, all beautiful things that most of us never need – then we can have a new … [ Read more ]
Content: Quotation | Author: Gerd Gigerenzer | Source: Harvard Business Review | Subjects: Decision Making, Risk Management
We need statistical thinking for a world where we can calculate the risk, but in a world of uncertainty, we need more. We need rules of thumb called heuristics, and good intuitions. That distinction is not made in most of economics and most of the other cognitive sciences, and people believe that they can model or reduce all uncertainty to risk.
Content: Quotation | Author: Gerd Gigerenzer | Source: Harvard Business Review | Subject: Risk Management
Risk management isn’t just a matter of complex financial models and formal risk-management systems. It is an essential value-creating activity that should inform the strategic debate at every level of the organization. Here are ten basic principles that should govern “the art of risk management.”
Content: Article | Authors: Fabian Günther, Frank Plaschke, Marc Rodt, Ulrich Pidun | Source: Boston Consulting Group (BCG) | Subject: Risk Management
The future of risk management lies in an ability to incorporate and inspire more of the behaviors we want, finding new models to map, monitor, intervene, support, and react to the behaviors of individuals and groups—both the behaviors we want to encourage and those we’d like to avoid. Critically, this taking account of behavior means that we need a much sharper comprehensive strategy for corporate … [ Read more ]
Content: Quotation | Source: Business Finance Magazine | Subjects: Culture, Risk Management
Complex supply chains require sophisticated, connected tools to monitor risks, predict disruptions, and support rapid recovery as part of an overall resilience strategy. For leading companies, this line of thinking has led to an increase in adoption of advanced tools grounded in analytics and visualization.
Content: Article | Authors: Jerry O’Dwyer, Kelly Marchese | Source: Deloitte Review | Subjects: Operations, Risk Management