The physicist Fritjof Capra once said, “The more we study the major problems of our time, the more we come to realize that they cannot be understood in isolation. They are systemic problems, which means that they are interconnected and interdependent.” Capra was making the point that biological ecosystems are complex, interconnected and require a holistic contextual awareness of the intricacy in interconnectedness as an integrated whole – rather than a dissociated collection of systems and parts. Change in one area has cascading effects that impact the entire ecosystem. This interconnectedness and a demand for a 360° contextual awareness apply to the world of business. Organizations need to see the intricate relationships of objectives, risks, and boundaries of the enterprise.
Gone are the years of simplicity in business operations. Exponential growth and change in risks, regulations, globalization, distributed operations, competitive velocity, technology, and business data encumbers organizations of all sizes. Keeping business strategy, performance, uncertainty, complexity, and change in sync is a significant challenge for boards and executives, as well as management professionals throughout all levels of the business.
Today’s organizations have to have holistic visibility and 360° contextual awareness of risk in the context of objectives across the enterprise. This presentation details how organizations need to be proactive in managing risk to be more:
- Aware. They need a finger on the pulse of the business and watch for a change in the internal and external environments that introduce risk to objectives.
- Aligned. They need to align performance, risk management, and compliance to support and inform business objectives.
- Responsive. Organizations cannot react to something they do not sense. Mature risk management is focused on gaining greater awareness and understanding of information that drives decisions and actions and improves transparency.
- Agile. Stakeholders desire the organization to be more than fast; they require it to be nimble.
- Resilient. The best-laid plans of mice and men fail. Organizations need to be able to bounce back quickly from changes in context and risks with limited business impact.
- Efficient. They build business muscle and trim the fat to rid expense from unnecessary duplication, redundancy, and misallocation of resources; to make the organization leaner overall with enhanced risk capability and related decisions about the application of resources.
GRC 20/20 Speaker
Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 26+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
Wisconsin is home for some of the nation’s best Corporations, Healthcare Organizations, Educational Institutions, High Tech Firms, Insurance as well as many specialized industry and service segments. Each of these organizations is unique, but they all face the same challenges in securing their Information and Supporting Resources.
ISSA Wisconsin serves as a focal point for these organizations in providing an educational environment and technical resource. Our resources are comprised of timely topics covering best practice concepts through cutting edge solutions to address what the security environment anticipates to be our next challenge.
Peer networking among the Chapter membership permits the sharing of ideas relevant to the security domain. It also provides an “extended team” philosophy to leverage against.
Finally, our monthly membership meetings provide the common ground for all of the aforementioned elements. We learn together through the industry-leading experts delivering content relevant to changing technology through current events.