Enterprise Risk Management and Business Continuity Planning Mark Carey, CPA, CISA President 866.335.2736 x8431
Published byModified over 4 years ago
Presentation on theme: "Enterprise Risk Management and Business Continuity Planning Mark Carey, CPA, CISA President 866.335.2736 x8431"— Presentation transcript:
Enterprise Risk Management and Business Continuity Planning Mark Carey, CPA, CISA President 866.335.2736 x8431 firstname.lastname@example.org www.delcreo.com
BCP Experience Business impact assessment Functional versus process view Standard Business continuity planning methodologies and “Body of Knowledge” neglect “Program” elements How does BCP fit in the broader picture of managing risk for a company? Benchmarking/Leading Practice/Example Plans
Enterprise Risk Management Definition Enterprise Risk Management (ERM) is the capability to protect enterprise value by managing risk: –With a coordinated and systematic approach, –Organization-wide, and –Across all types of risk.
Business Risk Profiling: Risk Drivers StrategicOperationalStakeholderFinancialIntangible Macro Trends Competitor Economic Resource Allocation Program/Project Organization Structure Strategic Planning Governance Brand/Reputation Ethics Crisis Partnerships/JVs Processes Physical Assets Technology Infrastructure Business Interruption Legal Human Resources Environmental Hazard Customers Line Employees Management Suppliers Government Partners Community Market Accounting Credit Cash Management Taxes Regulatory Compliance Knowledge Intellectual Property Information Systems Databases Information for Decision Making
Business Impact Assessment Management challenges the numbers –Make it “real” for senior management –Typical approach/ measures often do not line up with how CEO, CFO, CIO evaluate their business and make decisions Shareholder Value Levers Risks That Matter Growth Accelerate growth in current businesses Drive adoption of next generation appliances, e- services and infrastructure in high growth markets Value Web and Organizational Efficiency Streamline decentralized operating model Total Customer experience approach Capital Take advantage of strong balance sheet Market Variables Create e-services ecosystems - place HP at the center Risk Management Culture and Infrastructure RISK MANAGEMENT CULTURE AND INFRASTRUCTURE Risk Strategy Risk Management Processes Technology Functions Culture and Capability Governance IMPROVEMENT INITIATIVES Senior Management Validation and Support eRisk Rapid Response (eR 3 ) Process Risk Coverage Mapping Risk Management Workbench Detailed Risk Analysis eBusiness Risk Management Benchmark Customer Facing Business Models Virtual Supply Chain Partnerships and Alliances e-Business Infrastructure Venture Capital Investments Human Resource Organizational Change/Allocation of Resources Intellectual Property
Human Resources CEO Marketing ResearchSalesGraphics Manufacturing Stakeholders External Environment Capital Materials People Information Inputs Stakeholders Internal Environment Human Resources Information Technology Accounting Communications Support Processes Executive Products Service Information O utputs Product/Process Design Gaining New Business Operations After Sales Support Operations Risk Management Treasury Primary Processes Function versus Process View
BCP Methodologies and Body of Knowledge Focused on developing a plan What is missing: –Process improvement tools Process Modeling and Improvement –Program management Value Drivers Strategic Planning and Alignment (Personal and Department/Function) Reporting Knowledge Management –Program implementation Implementation Organizational Change
Strategic Planning Are we in alignment with organizational value drivers and strategies Can we implement our strategy effectively? Do we have the right –Organizational structure –Tools –Metrics –“Go to market” approach?