Corporate Defence: - PowerPoint PPT Presentation

1 / 35

About This Presentation

Title:

Corporate Defence:

Description:

Bugging, Spyware and Data Protection issues etc. Natural Disasters: ... Frameworks and Best Practices. Based on 4 Pillars. Governance. Risk Management. Controls ... – PowerPoint PPT presentation

Number of Views:26

Avg rating:3.0/5.0

Slides: 36

Provided by: seanl74

Category:

more less

Transcript and Presenter's Notes

Title: Corporate Defence:

1
R.I.S.C.International

Corporate Defence
Risk Management, Business Resilience
and Beyond
Sean Lyons
Principal
Risk-Intelligence-Security-Control
R.I.S.C. International (Ireland)
BCI Symposium 2007
Amsterdam Conference
18th October 2007
Reed Exhibitions

1
2
Agenda

What does Corporate Defence mean in your
organisation?
Integrating your defence related functions
Introducing Corporate Defence Management (CDM) as
a holistic solution
Business Continuity Opportunities

R.I.S.C.International
2
3
R.I.S.C.International

What does Corporate Defence mean in your
organisation?

3
4
Traditional View

Narrow Focus
Reactive Approach
Silo Structure

R.I.S.C.International
4
5
Result

Crisis Management
Lack of Accountability
Ineffective
Inefficient

R.I.S.C.International
5
6
Contemporary View

Corporate World
Accelerating rate of change
Knowledge is provisional, imperfect or obsolete
Ever-changing and more sophisticated threats
Unpredictable world filled with uncertainty and
danger
Traditional approach no longer adequate
Reactive approach no longer sustainable
Defending includes safeguarding, protecting and
valuing the interests of all the stakeholders

R.I.S.C.International
6
7
Stakeholder View
Happy Family

Shareholders
Clients
Business Partners
Regulators
Line Management
Staff

R.I.S.C.International
7
8
Stakeholder Interests

Stakeholder Focus
Yes an economic focus
Not just about financials
Stakeholder Perspective
Individuals
People
Human beings
Valued partners
Stakeholder Concerns
Health
Safety
Welfare
Wellbeing

R.I.S.C.International
8
9
A 21st Century Vision

Corporate Defence in the 21st century requires
A more eminent role in corporate strategy
A higher priority and profile within organisation
A more progressive and proactive approach
A broader stakeholder focus
A far more comprehensive brief
A strategic re-alignment of defence related
activities
A top-down and bottom-up approach
A synthesised holistic solution

R.I.S.C.International
9
10
R.I.S.C.International

Integrating Your Defence Related Functions

10
11
Examples of Potential Hazards

Litigation
Professional Negligence, Civil and Product
Liability etc
Fraud
Corruption, Embezzlement, Accounting
Irregularities etc
Compliance
Legal and Regulatory breaches etc
Crime
Terrorism, Sabotage, Theft and Armed Robbery etc
Espionage
Bugging, Spyware and Data Protection issues etc
Natural Disasters
Flooding, Tsunami, Pandemic etc

R.I.S.C.International
11
12
Corporate Defence Domain
Corporate Governance
Risk Management
Corporate Investigations
Corporate Compliance
Corporate Assurance
CORPORATE DEFENCE
Corporate Intelligence
Corporate Controls
Knowledge Management
Business Protection
Physical Security
Resilience Management
IT Security
R.I.S.C.International
12
13
Interdependencies

Corporate Defence Domain
Corporate Defence Ecosystem
Symbiotic relationships
All defence related activities are linked
Each represents a link in the chain
Chain only as strong as weakest link
Exploitation of weakest link

R.I.S.C.International
13
14
Functional Developments

Evolutionary Process
Disparate Approach
Centralised Approach
Enterprise-wide Approach
Integrated Approach

R.I.S.C.International
14
15
Evolution Observations

All moving in a similar direction
All encountering similar challenges
All with common objective (safeguarding)
A high degree of duplication and overlap
A high-level of intersection

R.I.S.C.International
15
16
Cross-functional Developments

A Convergence Evolution
Operational Risk Management
Enterprise Risk Management
Governance, Risk and Compliance (GRC)
IBM Business Resilience
1. Integrated risk management
2. Continuity of business operations
3. Regulatory compliance
4. Security, privacy and data protection
5. Knowledge expertise and skills
6. Market readiness
Also occurring in others areas

R.I.S.C.International
16
17
Collective Requirements

A strategic focus
An enterprise-wide vision
A comprehensive strategy
An alignment of objectives
A unified management structure
An adaptable approach
A cross-functional convergence of complimentary
disciplines
An integration of systems and processes
A continuous improvement process
An implementation of flexible solutions

R.I.S.C.International
17
18
R.I.S.C.International

Introducing
Corporate Defence Management (CDM)
as a holistic solution

18
19
CDM Defined

The discipline of managing corporate defence
in order to adequately defend the interests of
the stakeholders. It requires a proactive
approach to co-ordinating and integrating a range
of interrelated disciplines, which taken together
can help to anticipate, prevent, detect and react
to potential threats and vulnerabilities, thereby
protecting the organisation from potential
hazards.

R.I.S.C.International
19
20
Cross-functional Discipline

Consolidation and alignment of defensive
activities
Coherent strategic approach
Directed in an integrated strategic manner
Operating in unison towards common objectives
Adoption of similar performance expectations
Managed in a co-ordinated and systematic manner
Collectively defend stakeholder interests

R.I.S.C.International
20
21
Corporate Defence Cycle
R.I.S.C.International
21
22
Observations

Not once off, point in time assignment
Constantly evolving exercise, without end
Requires continuous revision and improvement
Cognizant of corporate defence drivers
Alert to potential threats and vulnerabilities
Ongoing vigilance

R.I.S.C.International
22
23
(No Transcript)
24
The CDM Continuum

Corporate Defence Activities
Continuous Interaction
Dependencies and Interdependencies
Correlations
Cause and Effect
Cascade of Consequences

R.I.S.C.International
23
25
Applying the CDM Paradigm
R.I.S.C.International
25
26
Strategic Management Activities

Core strategic management areas
Frameworks and Best Practices
Based on 4 Pillars
Governance
Risk Management
Controls
Assurance (includes Investigations)
Structural frameworks which need to be in place
Represent backbone of corporate defence
activities
Around which ongoing functional activities
operate

R.I.S.C.International
26
27
Ongoing Functional Activities

Essential ongoing operational activities
Required to be continuously operating on an
ongoing basis throughout the organisation
Intersect and are intersected by strategic
management activities
Core Activities
Compliance
Security (includes Physical and IT)
Resilience (includes Business Protection)
Intelligence (includes Knowledge Management)
A variety of possible frameworks available

R.I.S.C.International
27
28
Unifying Defence Objectives
Anticipation The timely identification and
assessment of existing threats and
vulnerabilities, and the prediction of future
threats and vulnerabilities. Prevention Taking
sufficient measures to shield the organisation
against anticipated threats and vulnerabilities.
Detection Identification of activity types
(exceptions, deviations anomalies etc) which
indicate a breach of corporate defence
protocol. Reaction The timely response to a
particular event or series of events, in order to
both mitigate the current situation, and to take
further corrective action in relation to
deficiencies identified, and to prevent these
events re-occurring in the future.
R.I.S.C.International
28
29
R.I.S.C.International