Posts

The WDYMB…Crisis? articleprompted a few questions concerning the interactions and relationship between crisis management, business continuity management and general response. These relationships are complicated both in how these are managed and also because different disciples will view the relationships differently. Below, there is a quick video I made to help explain the relationships as I described these in the article. Spoiler – the graphic is a little busy so it is worth pausing the video to take a look at this before you listen to the whole thing. ...

After 15 years, it feels very good to finally be able to write that. Take a look. The video might be scrappy but the app isn’t. [Video: https://video.wordpress.com/embed/zX4Nf4zz?hd=0&autoPlay=0&permalink=1&loop=0&preloadContent=metadata&muted=0&playsinline=0&controls=1&cover=1] DCDR is live AND it has users. It’s been a busy week. Schedule your demo

When things go wrong Despite the best efforts of the risk manager and senior leadership, it’s still possible that things can go wrong for your organization. Processes aren’t followed or are applied incorrectly, mitigation measures turn out to be inadequate, something unforeseen happens or, as is so often the case, someone does something they shouldn’t. At one end of the spectrum are relatively common slips, trips or falls, minor fires, or the accidental deletion of data. More significant are the payment of bribes, cutting corners on regulations or a crass, offensive comment from an executive. At the extreme end of the spectrum are crisis events, situations that can strike a fatal blow to the organization: a chemical spill causing mass casualties, widespread fraud or a toxic culture of racism, sexism or other discrimination. ...

I’ve just uploaded a short video showing one of the functional assessment apps in use. Although the methodology is different from the full DCDR tool, the approach and functionality is very similar: Fast? Check! Simple? Check! Easy to use? Check! So here’s a taster of what the DCDR app is going to look like. Enjoy! [Video: https://video.wordpress.com/embed/xThbiOro?hd=0&autoPlay=0&permalink=1&loop=0&preloadContent=auto&muted=0&playsinline=0&controls=1&cover=1]

Opportunity overload continues to be the biggest threat to DCDR right now: I keep finding myself being seduced by thoughts of what the app could do, rather than what the core feature set should be. Luckily, I am getting good advice from Matt and from the several thousands of hours of podcasts and interviews I have consumed. As usual, the problem isn’t getting the right advice. Following the advice, however, is always more difficult. I am finding Paul Graham’s advice particularly useful and his ‘Startups in 13 Sentences‘ essay has become my roadmap. ...

I confess to having a love / hate relationship with standards. On the plus side, having an agreed way of doing things is incredibly attractive. There is no need to spend long periods trying to design a system; shared terms, concepts and processes; easy collaboration between different groups. So when they work well, standards are great and definitely have a lot going for them. Yay! However, there are also drawbacks. ...

For most people, this will be a busy time of the year: end of year performance reviews, last-minute budget planning, holiday parties or a final push to achieve their annual goals. All of this adds up to a very busy time when all you want to do it take a break. However, there’s one other thing I’m going to suggest you squeeze in before you start next year’s ERM program. ...

Meet the expert – Crisis Communications with Price Floyd We are kicking off our ‘meet the expert’ series with an interview with Price Floyd, the founder of the Engaging America Projectand an expert in risk and crisis communications. Price has over 25 years of experience in government and the private sector and here he shares over a dozen key lessons he has learned including: The difference between communications in government and the private sector How digital media has improved crisis communications Why it’s too late to call the communications team when things start going wrong The number one skill for communicators Why it’s important to tend the garden (and what this means) Watch the video to hear these and many more key lessons that you can put into action today. ...

I’m trying to improve my videos so apologize for the quality but here’s a quick video with 10 quick thoughts on risk management. [Video: https://video.wordpress.com/embed/zX8wUAWO?hd=0&autoPlay=0&permalink=1&loop=0&preloadContent=metadata&muted=0&playsinline=0&controls=1&cover=1] Let me know what you think!

Enterprise security risk management (ESRM) has been a topic of increasing interest for security managers over the past few years. ASIS International has identified it as a strategic focus. However, after a review of the literature, beginning with the 2010 CSO roundtable paper on ESRM, two issues are raised that could make ESRM implementation difficult. The initial papers on ESRM appeared to encourage security to fill the gap left by traditional enterprise risk management (ERM) systems, which often focused on financial and market risk exclusively. Although an effective ERM system should incorporate all risks, having security fill these gaps via the ESRM system would quickly overwhelm the chief security officer (CSO). ...