Given the possible impact/effects of a Solar Storm that parts of the world are experiencing, especially in parts of the United States, including my home state of Florida, should these be considered part of your business impact analysis (BIA) as a larger part of your Business Continuity plans and your enterprise risk management framework? (low probability/high impact)…
As you prepare to face the week ahead (professionally and personally), I would like to take a small point of privilege and respectfully suggest that effective and modern risk management is not, cannot be, just the methodologies, the standards, or the processes. Modern risk management is not a stand-alone process or a “fait accompli.” Much more…
How is that possible? (OK, OK, I AM SHOWING MY BIASES HERE) As you all may know, Operational risk assessments are essential tools for identifying potential hazards, vulnerabilities, and areas of improvement within an organization’s operations. By conducting these assessments, WASA can better understand the possible consequences of changes to their operations and develop strategies to…
“In an increasingly volatile world, achieving holistic organizational resilience is becoming the new requisite for corporate strategy and risk management”. ~ The McKinsey FERMA Study. In the last few years, the Caribbean, Central, and Latin America have been characterized by unprecedented negative disruptions and massive global challenges, whereby the resilience of economies has become paramount for sustainable…
As companies develop their strategic plans, I submit that agility must be one of the pillars of that plan. Companies must employ horizon scanning, using both a microscope and telescope to ensure they are looking at not only what is happening and immediate (what is close) but also what can happen (i.e., future-proofing) and what is farther away….
Whether you are aware of it or not, wicked problems exist in your organization today, yesterday, and tomorrow that must be identified and mitigated (as much as they can be mitigated). But what are wicked problems, you ask? I have shared below various quotes/definitions around what constitutes wicked problems. “In wicked (complex/dynamic) domains, the rules of the game…
If operational risk failures can happen to a bank with a US200 million dollar asset base, what about your bank? Why are we so comfortable (normalized deviance, confirmation bias, or availability bias?) with the internal controls of our banks in the Caribbean? “The Office of the Comptroller of the Currency announced on Wednesday that the bank…
When will “lessons learned” form part of the decision-making process? Risks eventuated because of these breaches are as follows but not limited to: Communication risks, people risk, risk culture, enterprise risks, Operational risks, IT risks, Cyber risks, and financial risks = Reputational risk Many (definitely not all) of the leaders of institutions either don’t seem to…
Cyber attacks have resulted in significant consequences for organizations of all sizes and sectors in the Caribbean, and it is essential to be aware of the risks that can precede them or risks that can act as “risk sources” for a cyber attack. One of those “risks” that has been identified as a possible major source is that of work…
“Objects in the mirror are closer than they appear” is the “warning sign” on your vehicle’s door mirrors. Applying this warning to the risk management space, one can identify Examples of risks that are much closer to your organization (and you) than they may appear to be: I would also like to “tweak” that warning sign and…
