Post-CrowdStrike, Six Questions to Test Your Company’s Operational Resilience

Companies unprepared for disasters put not only their competitive advantage but their very existence at risk. Hise Gibson and Anita Lynch break down what a company needs to build its operational resilience, starting with its people, processes, and technology.

How CEOs can mitigate compounding risks

When risks combine, the cumulative impact can have existential consequences. But leaders can prevent compounding risks from sneaking up on them by adapting risk processes to manage multiple threats.

Uniting Strategy and Risk Management to Seize Opportunity in Uncertainty

Today’s more uncertain environment calls for newer, more dynamic approaches to risk management and strategic planning. Successful companies foster a culture of strategic humility, anticipatory preparedness, and a willingness to act to own the future as it unfolds. And they have four critical characteristics:

  • They see risk as a two-sided coin with challenge on one side and opportunity on the other.
  • They explore the strategic implications of

[ Read more ]

Building resilience in a polycrisis world

To stay operational, even in the worst of times, focus on what matters most. It will change your risk culture.

The Art of Risk Management

We worry that in their headlong embrace of formal systems of risk management, many companies are pursuing a highly technical approach to risk management—characterized by complex financial models and elaborate, formal risk-management systems—in isolation from the day-to-day activities of the broader organization. The result is that risk management may exist as a formal function, but it is not really embedded in the “mindset” of the … [ Read more ]

How Firms Can Overcome the ‘Paradox of Preparedness’

When major threats are looming, but their timing is uncertain, it’s hard for business leaders to make an action plan for dealing with them. Wharton marketing professor emeritus George Day and global management consultant Roger Dennis call it “the paradox of preparedness.” In this essay, they offer four steps to help leaders heed the warning signs of disaster before it’s too late.

Forget Dumb Luck – Try Smart Luck: Strategies to Get Lady Fortune on Your Side

Most people view luck as the opposite of determinism, control, or strategic intent. But because we can often influence situations in which chance plays a role, these forces are actually linked. The first challenge is to reframe your views about luck and realize that it usually entails much more than random chance. Yes, the primary force behind luck is the way that probabilities play out, … [ Read more ]

Simplifying Cybersecurity

Have our institutions become too complex to secure?

The Disaster You Could Have Stopped: Preparing for Extraordinary Risks

Ignoring high-consequence, low-likelihood risks can be damaging to an organization, but preparing for everything is impossibly costly. Here is how leaders can make the right investments.

A 6-Part Tool for Ranking and Assessing Risks

CARVER is a system for assessing and ranking threats and opportunities. Developed during World War II, CARVER (then one letter shorter and known as CARVE) can be both offensive and defensive, meaning it can be used for identifying your competitors’ weaknesses and for internal auditing. In addition, many security experts consider it the definitive assessment tool for protecting critical assets.

Since it draws on both qualitative … [ Read more ]

How to Use Thought Experiments to De-Risk Your Startup

In the early days of building a company, it’s hard to step back and think about the bigger picture when there are always so many fires to fight or opportunities to chase down. That’s a shame, because looking at your business from a 50,000-foot view often reveals areas of misplaced focus or resource misallocation.
 
One technique that can break through the bubble of always being in … [ Read more ]

Lower Your Startup Risk with this Template

After watching other founders – including myself – flail about, pivoting their way through the darkness, I’ve become obsessed with being more systematic and disciplined about entrepreneurship. So I decided to take Leo Polovets’ lead and standardize risk management into a single spreadsheet, which you can copy, download, or remix.

A Comprehensive Approach to Managing Social Media Risk and Compliance

Traditional risk management policies and procedures were not designed for, quite literally, minute-by-minute monitoring of social media chatter to identify brand, strategy, compliance, legal and market risks.

Those risks are considerable. Financial institutions have had to shut down social media forums due to unanticipated negative feedback; the stock markets have been buffeted by fraudulent social network postings; businesses have had to change or rescind strategies … [ Read more ]

Are You Prepared for a Corporate Crisis?

No one can predict when disaster will strike—but knowing what to expect if it does will buy precious time.

Nonfinancial Risk Today: Getting Risk and the Business Aligned

Risk managers may argue that the basic principles of Risk and Control Management (R&CM) are well established, and indeed enshrined, in industry standards. The concepts may indeed be broadly known, but they are applied in such a scattered fashion that they are not fit for purpose.

The resourcing and costs of the R&CM approach should be aligned with the company’s structure, business model, and risk profile. … [ Read more ]

Preventing Social Media Armageddon

The accessibility and fluidity of social media leaves organisations open to significant risks. But there are countermeasures organisations can take to prevent reputation disaster.

Pragmatic Risk Management in a Tightly-Coupled World

Globalization has created new opportunities and new threats. As sourcing from around the world made supply chains longer and more complex, the volatility inherent in production significantly increased. The number of supply chain members and the interactions among them has grown, exacerbating the lack of transparency in the operating environment. Company executives have increased profitability through ever-shorter times-to-market and product life-cycles, business processes improvement, just-in-sequence … [ Read more ]

The Art of Risk Management

Risk management isn’t just a matter of complex financial models and formal risk-management systems. It is an essential value-creating activity that should inform the strategic debate at every level of the organization. Here are ten basic principles that should govern “the art of risk management.”

From Risk to Resilience: Using Analytics and Visualization to Reduce Supply Chain Vulnerability

Complex supply chains require sophisticated, connected tools to monitor risks, predict disruptions, and support rapid recovery as part of an overall resilience strategy. For leading companies, this line of thinking has led to an increase in adoption of advanced tools grounded in analytics and visualization.