The first question on the mind of business owners, executives, and managers whose organizations have been victimized by fraud is how. Understanding the factors that cause an individual to commit an act of fraud can help companies avoid becoming repeat victims and put systems in place to prevent such acts from occurring.
Occupational fraud is defined as “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.” Occupational fraud schemes are clandestine. They violate the perpetrator’s fiduciary duties to the victim organization. They are committed for the purpose of benefiting the perpetrator. And they cost victim organizations assets, revenue, and/or reserves. In fact, U.S. companies will lose 5% of their annual revenue to occupational fraud this year.
For good reason, prevention of occupational fraud is at the center of enterprise risk management strategies. … Continue reading
In today’s digital era, news travels quickly across social media and offers high and immediate visibility to headlines that may affect a brand’s reputation. Product recalls, data breaches, systems failures, poor customer support, compliance failures—it’s all out in the open. As such, reputational risk has become a distinct category within the framework of enterprise risk management. Meanwhile, information technology has a vital role to play in organizations around the world as the driver of the digital era. IT touches all aspects of business operations, communication, customer engagement, and commerce.
IBM’s 2012 Global Reputational Risk and IT Study, conducted in June 2012 by the Economist Intelligence Unit, garnered responses from 427 senior executives from around the world. The results show a strong connection between IT risk and reputational risk, centering on three key IT responsibilities: Security, business continuity, and technical support. Security-related issues, such as data breaches that threaten personal information or credit card data, was also named as the number one IT risk posing threats to reputation.
Looking Beyond the Rearview Mirror
One of the most profound findings of the IBM study is that many companies still take a reactive approach to IT risk management. These organizations are dedicating resources to managing risks such as data breaches, system failures, and data backup failure only after they experience a significant issue. Emerging risks that have yet to cause serious reputational damage have simply not been addressed properly.
Many others – 64% of respondents – say their organizations will focus more on managing reputational risk than they did five years ago. Still, the study finds that executives tend to make sweeping assumptions about their organizations’ security and resiliency related to IT risks—generally considering themselves better protected than they actually are.
The following infographic from IBM summarizes the results of its 2012 reputational risk and IT study.
The team of IT risk managers at Lowers Risk Group can help you build strong and secure IT department that protects against the risks of technology, compliance, and reputation.
Uncertainty is and always has been the issue of contention for risk managers. But the degree and range of global uncertainty faced by organizations around the world is truly unprecedented. Events that have occurred since the 2001 terrorist attacks point to levels and areas of risk many had never before imagined. Natural disasters, acts of terror, corporate governance scandals, the dot-com collapse, the housing bubble burst—events like these and the uncertainty they have injected into the world have caused organizations to place a greater and broader emphasis on risk management.
More than ever, the focus is on being proactive, instead of reactive. … Continue reading
Emerging risks—both new risks and familiar risks in unfamiliar conditions—have taken on new meaning and importance in today’s increasingly uncertain world. As the unimaginable global impact of events such as the euro crisis, the subprime mortgage crisis, the tsunami in Japan, the Arab spring uprisings, Hurricane Sandy, flooding in Thailand, and other events caused damage beyond what could have been predicted, emerging risks have earned the attention of executives and board members in corporations around the world. … Continue reading
Headlines this time of year tend to center on predictions for the coming year and reflections on the year past. An unprecedented number of risks face managers in the year ahead, yet one theme prevails in our minds as defining the challenge for risk managers in 2013: Uncertainty.
Uncertainty is the new normal.
Companies face a rapid rate of change across all dimensions of business, and risks that many never imagined have entered the realm of possibility for organizations. It would be difficult for any company to have predicted or planned for the truly global impacts of such seemingly ‘local’ events including the euro crisis, the subprime mortgage crisis, the tsunami in Japan, the Arab spring uprisings, Hurricane Sandy, flooding in Thailand… and the list goes on.
In today’s hyper-connected world, the damage caused by even “small” problems can far exceed expectations.
A recent Fortune magazine article focused on the issue of uncertainty as it relates to policymaking, and labeled uncertainty as “business’s real problem.” The author explains that uncertainty creates a pattern of “paralysis” in which policymakers put decision-making on hold and business leaders are left without a predictable set of rules by which to make decisions.
Indeed, unnerving might be a better label for the environment we face.
Uncertainty is and always has been the issue of contention for risk managers. But the degree and range of global uncertainty faced by organizations around the world is truly unprecedented. Events that have occurred since the 2001 terrorist attacks point to levels and areas of risk many had never before imagined. Natural disasters, acts of terror, corporate governance scandals, the dot-com collapse, the housing bubble burst—events like these and the uncertainty they have injected into the world have caused organizations to place a greater and broader emphasis on risk management.
Emerging risks—both new risks and familiar risks in unfamiliar conditions—have taken on new meaning and importance in today’s increasingly 