When we consider the growing number of risks and threats to business and people from terrorist organizations and other groups, it is time for security, threat and vulnerability assessments and crisis management to become strategic governance issues. The benefits of establishing a comprehensive risk management strategy have been shown to more

Crisis management is referred to as plans, procedures and mechanisms enabling an organization to prepare for, respond to, and recover from, an extraordinary incident or event, or a series thereof, expected or unexpected, foreseen or unforeseen, threatening the viability of an organization. Crisis management entails planning for contingencies, coordinating emergency response, controlling, containing and mitigating the affects of a crisis and bringing about recovery assumption of normal business.

As part of this strategy it is also essential to achieve compliance with the growing number of industry standards that address these issues. By adopting a strong risk/crisis management posture, your firm can ensure customer trust, your brand reputation and your bottom line.

The onus remains squarely on businesses to establish measures to limit the impact on their assets and operations from issues such as global terrorist threats, climate change, natural resource depletion, pandemic disease and economic shocks. At the same time, there is growing pressure for business’ role in these trends to be more closely monitored and constrained.
The general array of transnational threats in 2008 is likely to be similar to that of 2007, but in an era of global inter-connectedness and global supply chains, domestic and international business must always be prepared for new and unforeseen vulnerabilities to reputation, security and – ultimately – profitability in all locations.

Global business integration will be mirrored by an ever more mobile criminal and campaigning community. A US government report highlighted information technology infrastructure as highly vulnerable to terrorist and criminal attack. While the links between cyber attacks and terrorism are expected to grow as terrorist organizations become more technologically sophisticated, conventional cyber crime remains the pre-eminent problem. Records indicate that the manufacturing and financial services sectors are the principal business targets for attack. Globally, the US continues to suffer the largest number of cyber attacks, with China and Russia being the main source.

Even as emerging markets are urged to reduce regulatory obstacles to business, companies are facing a proliferation of international expectations, principles and best practice guidelines. Open, global standards are, however, the prerequisite for the integration of different disciplines and the smooth interaction of the relevant functions. Key technologies that will be decisive for further development and will enhance the degree of security include video over IP (video functions via IP-based networks), secure data networks (IT security), networked services (remote services) and consistent management of building data (efficient collection, analysis, etc.). Miniaturized sensor arrays, adaptive control systems and wireless technology are key factors for providing higher individual room comfort and efficient energy consumption.

In decades past, managers who sought to protect their organizations from unexpected disruptions often found it sufficient to prepare (and then shelve) basic emergency response or IT disaster-recovery plans. Today, however, several factors are driving businesses to take a more aggressive approach in preparing for the unexpected and protecting the organization:
• Regulatory agencies, financial markets, and individual investors expect more savvy risk management practices from corporate executives, as evidenced by widespread regulatory reforms in developed nations
• Several large-scale, tragic events in recent years have heightened managers’ awareness of the extremely difficult challenges businesses can face when disaster occurs and firms are unprepared
• Relentless pressure to reform management, manufacturing, and inventory-management processes to achieve heightened efficiency has brought with it new exposures to disruption. This centralization of critical processes is introducing new single-points-of-failure—a fact often overlooked by senior management.
This shifting landscape means that now, more than ever, businesses must actively think through ‘what if’ scenarios regarding the loss of critical processes. ‘Business continuity planning’ is the process by which managers identify and arrange to continue a prioritized set of key activities in the event of a disruption to the business.

As part of an organization’s overall risk management, contingency planning entails crisis preparedness and business continuity planning. While crisis preparedness focuses on implementing response, recovery and business resumption measures in the event of a crisis, business continuity focuses on long-term models of ensuring availability of business functions and processes. Both aspects of planning and preparedness start long before a crisis occurs and are aimed at implementing preventative measures and providing the organization’s crisis management structure with the necessary tools to manage the immediate and long term effects of a crisis.

When we consider the growing number of risks and threats to business and people from terrorist organizations and other groups, it is time for security, threat and vulnerability assessments and crisis management to become strategic governance issues. The benefits of establishing a comprehensive risk management strategy have been shown to more

Crisis management is referred to as plans, procedures and mechanisms enabling an organization to prepare for, respond to, and recover from, an extraordinary incident or event, or a series thereof, expected or unexpected, foreseen or unforeseen, threatening the viability of an organization. Crisis management entails planning for contingencies, coordinating emergency response, controlling, containing and mitigating the affects of a crisis and bringing about recovery assumption of normal business.

As part of this strategy it is also essential to achieve compliance with the growing number of industry standards that address these issues. By adopting a strong risk/crisis management posture, your firm can ensure customer trust, your brand reputation and your bottom line.

The onus remains squarely on businesses to establish measures to limit the impact on their assets and operations from issues such as global terrorist threats, climate change, natural resource depletion, pandemic disease and economic shocks. At the same time, there is growing pressure for business’ role in these trends to be more closely monitored and constrained.
The general array of transnational threats in 2008 is likely to be similar to that of 2007, but in an era of global inter-connectedness and global supply chains, domestic and international business must always be prepared for new and unforeseen vulnerabilities to reputation, security and – ultimately – profitability in all locations.

Global business integration will be mirrored by an ever more mobile criminal and campaigning community. A US government report highlighted information technology infrastructure as highly vulnerable to terrorist and criminal attack. While the links between cyber attacks and terrorism are expected to grow as terrorist organizations become more technologically sophisticated, conventional cyber crime remains the pre-eminent problem. Records indicate that the manufacturing and financial services sectors are the principal business targets for attack. Globally, the US continues to suffer the largest number of cyber attacks, with China and Russia being the main source.

Even as emerging markets are urged to reduce regulatory obstacles to business, companies are facing a proliferation of international expectations, principles and best practice guidelines. Open, global standards are, however, the prerequisite for the integration of different disciplines and the smooth interaction of the relevant functions. Key technologies that will be decisive for further development and will enhance the degree of security include video over IP (video functions via IP-based networks), secure data networks (IT security), networked services (remote services) and consistent management of building data (efficient collection, analysis, etc.). Miniaturized sensor arrays, adaptive control systems and wireless technology are key factors for providing higher individual room comfort and efficient energy consumption.

In decades past, managers who sought to protect their organizations from unexpected disruptions often found it sufficient to prepare (and then shelve) basic emergency response or IT disaster-recovery plans. Today, however, several factors are driving businesses to take a more aggressive approach in preparing for the unexpected and protecting the organization:
• Regulatory agencies, financial markets, and individual investors expect more savvy risk management practices from corporate executives, as evidenced by widespread regulatory reforms in developed nations
• Several large-scale, tragic events in recent years have heightened managers’ awareness of the extremely difficult challenges businesses can face when disaster occurs and firms are unprepared
• Relentless pressure to reform management, manufacturing, and inventory-management processes to achieve heightened efficiency has brought with it new exposures to disruption. This centralization of critical processes is introducing new single-points-of-failure—a fact often overlooked by senior management.
This shifting landscape means that now, more than ever, businesses must actively think through ‘what if’ scenarios regarding the loss of critical processes. ‘Business continuity planning’ is the process by which managers identify and arrange to continue a prioritized set of key activities in the event of a disruption to the business.

As part of an organization’s overall risk management, contingency planning entails crisis preparedness and business continuity planning. While crisis preparedness focuses on implementing response, recovery and business resumption measures in the event of a crisis, business continuity focuses on long-term models of ensuring availability of business functions and processes. Both aspects of planning and preparedness start long before a crisis occurs and are aimed at implementing preventative measures and providing the organization’s crisis management structure with the necessary tools to manage the immediate and long term effects of a crisis.