Uncategorized

Compliance management as a means of crisis prevention

28 October, 2019 | Uncategorized

Keeping an eye on the numerous legal requirements for companies is a great challenge for many entrepreneurs. And yet it is worth taking up this challenge. Legal violations can quickly turn into a tangible crisis for the company. Claims for damages (e.g. from product liability), fines (e.g. for breaches of antitrust law or data protection requirements) and financial losses due to loss of reputation: whether committed intentionally or negligently, the legal consequences of a breach of law can endanger the continued existence of the company. The entrepreneurial framework of responsibility and action and the associated obligations and risks should therefore be known and regularly reviewed. Functioning compliance management helps to identify the requirements and risks and can serve business continuity management as the basis for a comprehensive risk analysis. Furthermore, it supports the prevention of legal violations with suitable measures such as training and sensitization and thus [...]

Emergency Management: Immediate action, business continuity, recovery – simply explained

22 September, 2019 | Uncategorized

Immediate Action Plan, Business Continuation, Recovery: emergency management has its own vocabulary. The graphic from the BSI 100-4 Emergency Management provides a good overview of the chronological sequence. We explain this using a simple example: You have planned a romantic dinner for your partner's birthday and are sitting at home in your living room opposite the dinner table. Suddenly, all four light bulbs of your ceiling lamp fail. Unexpectedly you face a crisis. The time until you notice the failure is the detection time. Ideally, this time is short. A smoke detector, for example, has a shorter detection time for a room fire than your sense of smell when you sleep. So, you are sitting in a pitch-dark room. While you are still thinking about what to do, your partner has already pulled out the smartphone, switched on the flashlight, placed it on a glass and continues to [...]

Climate change as a business risk?

3 July, 2019 | Uncategorized

Climate change and its consequences are painfully felt in many areas and increasingly pose a threat to people and the environment. According to the German Weather Service (DWD), "around 9% more precipitation falls over the year than 140 years ago". The increase in heat waves and hot days can also be clearly seen in the climate report of the German Weather Service (source: bkk.bund.de). Direct consequences of the climatic changes are weather extremes such as heavy rain (or snow), heat (or extreme cold) as well as increasing storms. They have an increasing impact on infrastructure, health, water resources, ecosystems, and much more. In the future, companies will also have to deal even more thoroughly with the possible effects and consequences of climate change. In May of this year, heavy rainfall caused the ceiling of a hospital delivery room to collapse and, at some point, electricity to fail. It [...]

Abuse of trust: The underestimated danger

23 May, 2019 | Uncategorized

Trust generates an expectation of a certain type of behaviour. This expectation of behaviour is the basis of all private, professional and business relationships. If the trust is abused, if someone is misled about one's true intentions and fooled, the trust is "BROKEN". For organizations and their processes, a breach of trust by the people involved means the destruction of process security, the loss of quality control and manageability. This destructive process has a name: Corruption. (Corruptio (lat.): corruption, decay of morals) General definition of corruption (ISO 37001): Offer, promise, grant, accept or demand an undue advantage of any value (which may be financial or non-financial), directly or indirectly and regardless of the location(s), in violation of applicable law, as an incentive or reward for any person in connection with the performance (3.16) of, or failure to perform, that person's duties. Corruption is first and foremost an ethical activity category. [...]

Gartner Study: Trends in Security and Risk Management

8 March, 2019 | Uncategorized

Gartner, Inc. has identified seven emerging security and risk management trends that will impact security, privacy and risk managers over time. Gartner defines the top trends as ongoing strategic changes in the security ecosystem that are not yet widely recognized, but are expected to have a broad and significant impact on the industry. According to Gartner, the seven most important trends for security and risk management for 2019 and beyond are: Trend #1: Risk appetite statements are linked to business results. As IT strategies become more closely aligned with business objectives, the ability of Security and Risk Management (SRM) executives to effectively present security issues to key decision-makers in the organization is gaining in importance. "To avoid focusing solely on IT decision-related issues, create simple, practical, and pragmatic risk-taking statements that are related to business objectives and relevant to board level decisions," said Peter Firstbrook, research [...]

Ten eerie scenarios for Germany 2019

21 February, 2019 | Uncategorized

It is a game of speculation. Which security-related, social or political incidents could shape the year 2019: Drone incident / accident at an airport. With the increasing spread of privately and commercially used drones, it can be assumed that accidental or intended incidents with drones will occur. At least one serious accident of drones with aircraft or airports is to be expected. Long-term cold weather with impairment of gas supply and restrictions in shipping, especially inland shipping and North-East Sea. The last flood on the Elbe or Rhine with extensive flooding was already six years ago - in the next four years there will presumably be a further flooding situation across federal states. Major demonstrations in the area of conflict between infrastructure and energy generation such as Hambacher Forst, Stuttgart 21 etc. lead to significantly longer and more complicated planning and implementation processes of large-scale and small-scale projects [...]

The 5 most important points of a Business Impact Analysis

12 February, 2019 | Uncategorized

Completeness and timeliness: The list of all business impacts considered must be complete. In day-to-day business, the focus is primarily on operational details. The overall view is thus lost to a certain extent. In the strategic dimension of Business Impact Analysis (BIA), it is very important not to overlook assets or risks. Without a complete list of all processes involved, it is not possible to describe all risks and dependencies. It is crucial not only to consider the existing documentation situation, but also to make a target/actual comparison between documentation and reality. Undocumented processes such as "shadow IT" can represent an incalculable risk - those who do not include them in their business impact analysis have blank spots on their map. Even outsourced processes must be considered. The same is true for timeliness. The processes listed in the Business Impact Analysis must be up to date. Depending on [...]

Further focus on risk management in 2019

10 January, 2019 | Uncategorized

Looking to 2019, directors and C-level executives around the world are very concerned about their company's ability to transform operations and infrastructure to compete successfully with born digital companies. This is the result of the "Executive Perspectives on Top Risks 2019" survey conducted by the global consulting firm Protiviti in collaboration with the Enterprise Risk Management (ERM) Initiative of the North Carolina State University Poole College of Management. The challenges of succession in senior management, followed by tighter regulatory changes and controls, rounded off the three most important concerns. The survey examines the concerns of 825 board members and executives worldwide in a variety of industries. This year's results show a significant increase in digital readiness concerns, catapulting them from 10th place in 2018 to 1st place in 2019. This leap shows that digital agility and scalability are essential for businesses. Established companies are struggling to compete with [...]

Cyber Attack: Effective Reaction

5 January, 2019 | Uncategorized

Preparing for cyber attacks is often a shortcoming in many organizations. In this article, we look at how to develop an effective incident response plan and give an overview of five steps that should be taken during an incident. It's the call that IT teams fear: An employee reports that his PC screen is flashing red with a message telling him that his files are encrypted and that he has to pay a ransom to decrypt them. What should they do next? The actions the company takes in the next few minutes and hours will determine how large - or small - the impact of the cyber attack will be. In addition, a cyber attack not only negatively impacts the company's physical IT systems, it also causes stress and puts pressure on employees. A recent paper published by the University of Haifa found that cyber attacks have a [...]

The art of decision-making

19 December, 2018 | Uncategorized

Decision making in an emergency or even a crisis is an art. The decision-makers are either simply good at it or in the end are only lucky to know who to call. However, the right decision is often made for the wrong reasons! For those who know that they are not brilliant at making decisions or do not want to rely on their luck, I have looked at simple tools and techniques that are easy for emergency teams to understand and therefore applicable during an incident. One of the tools that many try to use and adopt is the UK Police National Decision Model (NDM). Many business continuity consultancies teach a civil version of it. It's a little too complex for me and I'm still looking for something simpler. Looking for insights and tools for decision making, I came across an excellent paper by Carolyne Smart and Ilan [...]
