Category Archives: Risk Management

The Many Paths to a Career in Risk

Posted on by

Over the years, I’ve had no shortage of people ask me how they can get my job as a senior risk leader. They see the possibilities and get a strong sense that risk management just might be a pretty interesting career track. Oftentimes these folks are sitting in some insurance related sub-function within the broader industry, anything from claims to loss control to underwriting and brokerage. Interestingly, many people who have had this experience (who are essentially developing specialists in these sub-functions) have frequently found that skill transferability from these specialized areas, to their “profession,” was often fraught with hurdles.

buy vidalista online meadowcrestdental.com/wp-content/uploads/2023/10/jpg/vidalista.html no prescription pharmacy

I have seen a parallel mind-set throughout much of my career in various industries in which I sought alternate employment. Most commonly it was in the manufacturing or health care sectors that insisted that any leader in their ranks, most especially a risk manager, needed to come from within their industry. They were the true believers and were typically inflexible about this minimum requirement.  They believed their industries were just too specialized and unique for a risk manager from another industry to succeed. They would argue that they didn’t want to invest in allowing the development of the full skill-sets or that their world could or should be learned by those coming from other industries, especially for a mid- to senior-level manager.

Needless to say, I disagreed vehemently with this view and with others in the insurance industry holding these inflexible positions, often to their detriment. Happily, in the last five years, some more progressive leaders in certain industries like health care are beginning to revise these positions in favor of seeing the value in having the new eyes, ears and perspectives that can only come from those experienced in industries other than their own. A good trend indeed.

As a practical matter, I have to mention that my most recent career move into a more strategic, brand enhancing role with a third party administrator has flummoxed a few peers and friends. These folks saw me as moving in the wrong direction, when in fact I was taking a substantive leap forward into long term strategic contributions that have, in fact, been the perfect segue to where I’d wanted to move at this point in my risk career. Coincidentally, my forte since 2001 and the future of the discipline, enterprise risk management, calls for a very specific move in a strategic direction that aligns with the long term interests of enterprises and their commitment to mission accomplishment.

So is there a preferred best strategy to preparing for a career in risk management? The truth is that while many of us developed the skills and experience that have been most valuable by rotating through the various insurance industry disciplines, there are now myriad ways to find your path into risk management and make it a career. From finance to legal to audit and especially spending time in operations, all these experiences pave part of the way toward success. They are a portion of what risk leaders need most to succeed in this era of a broader more diverse practice of risk management, call it enterprise risk management, strategic risk management, international risk management or just plain risk management, as I prefer.

buy reglan online meadowcrestdental.com/wp-content/uploads/2023/10/jpg/reglan.html no prescription pharmacy

In fact, a successful risk manager is one who needs a broad exposure to most core functions common to almost all entities of any complexity. At the end of the day, it’s hard to go wrong in preparing for a risk career, no matter where you spend time getting knowledge about the many sources of exposure that must be “risk managed.”

Cybercrime Costs Global Economy Up to $575 Billion

Posted on by

Cybersecurity

Cybercrime costs the global economy about $445 billion every year, though the damage may be up to $575 billion, according to a new report from the Center for Strategic and International Studies and software company McAfee. Further, the damage to businesses exceeds the $160 billion loss to individuals.

“Cyber crime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” said Jim Lewis of CSIS. “For developed countries, cyber crime has serious implications for employment.”

Indeed, the biggest economies have suffered the most – the losses in the United States, China, Japan and Germany totaled at least $200 billion.

Businesses are sitting up and taking notice. A recent survey from Munich Re found that 77% of mid-size to large companies have or will have cyberinsurance in the next year. Yet, of the 23% that do not plan to buy insurance, nine out of 10 said this was because current coverage available does not meet their needs or would not be relevant for their business.

What are companies doing to manage cyber risk? Munich Re found:

Munich Re graph

Reputational damage has emerged as one of the biggest sources of loss from cyberbreach. Respondents said the biggest risk an incident would have pose to their business’s reputation is:

Munich Re reputational risk of cyberbreach

 

RIMS Risk Maturity Model: Root Cause Discipline

Posted on by

After the last article, which discussed the first two attributes of the RIMS Risk Maturity Model (RMM), ERM Based Approach and ERM Process Management; our focus here is on the third attribute, Root Cause Discipline.

Root Cause Approach

In Washington, D.C., officials tried, but were nearly helpless in stopping the deterioration of the Lincoln Memorial. Rather than address the damage with costly repairs, they instead traced the concern back to a root cause. Deterioration was caused by the high powered hoses needed to clean the building—which were necessary because the building was an attractive home for birds.

online pharmacy vidalista with best prices today in the USA

Birds were drawn to a very dense population of insects, which were attracted to the bright lights of the memorial.

online pharmacy amoxil with best prices today in the USA

So how do you stop the Lincoln Memorial from deteriorating? You dim the lights.

The root cause methodology provides clarity by identifying and evaluating the origin of the risk rather than the symptoms. Unveiling the triggers behind high level risk and loss events point to the foundation of where an organization is vulnerable.
buy eriacta online https://galenapharm.com/pharmacy/eriacta.html no prescription

Uncovering, identifying and linking risk back to the root causes from which they stem allows organizations to gather meaningful feedback, and move forward with accurate, targeted mitigation plans.

To illustrate an example in a business environment, consider the risk of inadequate training. Within an organization, there may be multiple departments experiencing risk regarding their training policies, procedures and documentation, yet each area is likely to be recording and recognizing this risk in its own way. The result is an extensive amount of information recorded in spreadsheets that requires time and energy to sort and sift through. By identifying the root cause, a risk manager can expose the underlying commonality between departments and their concerns, allowing more effective identification and mitigation of systemic risk.

Applying root cause to your current approach

To integrate this type of approach to an enterprise risk management (ERM) program, you must first identify the root cause foundation of your organization. The RMM is built on five root cause categories which cover all enterprise risks:

  • External – risk caused by third-party, outside entities or people that cannot be controlled by the organization
  • People – risks involving employees, executives, board members and all those who work for the organization
  • Process – risks that stem from the organizations business operations including transactions, policies and procedures
  • Relationships – risks caused by the organization’s connections and interactions with customers, vendors, stakeholders, regulators  or third parties
  • Systems – risks due to theft, piracy, failure, breakdown, or other disruption in technology, plant, equipment, facility, data or information assets

Understanding which core area of the organization a risk stems from provides the ability to effectively understand and mitigate the risk. For instance, theft from an external third party is very different than theft from an internal employee, and will thus have a very different response and mitigation strategy.

online pharmacy cymbalta with best prices today in the USA

One strategy would require an investment in IT or infrastructure, while the latter would need an HR policy change or new ethics program.

Looking for an example of root cause? Download our complimentary Risk Assessment Template.

Businesses Feel Less Prepared For Increasingly Risky World, Travelers Finds

Posted on by

In its 2014 “Business Risk Index,” Travelers surveyed more than 1,100 businesses on the top risks they perceive and how ready they are to mitigate those threats. Overall, respondents clearly see an increasingly risky world around them, but feel notably unprepared  to handle the risks.

buy advair rotahaler online www.delineation.ca/wp-content/uploads/2023/10/jpg/advair-rotahaler.html no prescription pharmacy

The top seven threats, in order of reported concern, are: medical cost inflation, increasing employee benefit costs, legal liability, broad economic uncertainty, cyberrisk, complying with laws, and attracting and retaining talent.

Check out this infographic for more of the study’s insights:

Travelers Business Risk Index