Gone are the years of simplicity in business operations. Exponential growth and change in risks, regulations, globalization, distributed operations, competitive velocity, technology, and business data encumber organizations of all sizes. Keeping changes to business strategy, operations, and processes in sync is a significant challenge for boards, executives, and management professionals throughout all levels of the business. The interconnectedness of objectives, risks, resilience, and integrity require 360° contextual awareness of risk and resiliency. Organizations must see the intricate relationships and impacts of objectives, risks, processes, and controls. It requires holistic visibility and intelligence into risk and resiliency. The complexity of business – combined with the intricacy and interconnectedness of risk and objectives – necessitates organizations implement a strategic approach to business and operational risk and resilience.
Organizations take risks all the time but fail to monitor and manage these risks effectively in an environment that demands agility. Too often, risk management is seen as a compliance exercise and not truly integrated with the organization’s strategy, decision-making, and objectives. It results in the inevitable failure of risk management, providing case studies for future generations on how poor risk and resiliency management leads to the demise of organizations – even those with strong brands. Keeping risk, complexity, and change in sync is a significant challenge for the organization’s boards, executives, and management professionals. This challenge is even greater when risk management is buried in the depths of departments and approached from a compliance or audit angle, not as an integrated discipline of decision-making that has a symbiotic relationship with performance and strategy. This is further compounded when business continuity programs are completely disconnected and not part of risk management. Organizations need to understand how to monitor risk-taking, measure that the associated risks are the right risks, and review whether the risks are managed effectively to ensure the organization’s resilience.
The ecosystem of business objectives, uncertainty/risk, and integrity is complex and interconnected and requires a holistic, contextual awareness of the organization – rather than a dissociated collection of processes and departments. Change in one area has cascading effects that impact the entire ecosystem. This interconnectedness of business demands 360° contextual awareness in the organization’s risk and resilience processes to reliably achieve objectives, address uncertainty, and act with integrity. Organizations must see the intricate intersection of objectives, risks, and boundaries across the business. Firms globally and across industries are focused on integrating risk management and resilience (historically business continuity/disaster recovery) programs. This is becoming a key regulatory requirement in some industries. Delivering this requires a holistic view of the objectives and processes of the organization in the context of uncertainty and risk and the symbiotic interaction of risk management and business continuity.
This workshop aims to provide a blueprint for attendees on successful risk and resilience management with an integrated strategy, process, information, and technology architecture.
Objectives of the workshop:
Attendees will take back to their organization’s approaches to address:
Part 1: Risk & Resilience by Design Why Risk & Resilience Management Matters
Part 2: Risk & Resilience Governance Blueprint for Effective Risk & Resilience Management
Part 3: Risk & Resilience Management Lifecycle Managing Risk & Resilience in Context of Business Change
Part 4: Risk & Resilience Management Architecture Enabling Information & Technology Management for Risk & Resilience Management
GRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 30+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
Horváth is an international, independent management consultancy firm with over 1,200 employees in locations in Europe, the USA, and other global markets. We represent in-depth knowledge across different industries and top-level subject matter expertise in all company functions – with a focus on performance management and transformation. We carry out projects for our international customers around the world. In this context, we provide precise knowledge of, and take into account, the local conditions thanks to the cooperation with our partners of “Cordence Worldwide”, a global network of truly connected consultancy firms with the ability to think and deliver together.