Taking the broad view

Recent coverage of risk management disciplines. How closely do you work with your insurance risk managers? And are you keeping an eye on business continuity concerns?

In the introduction to this blog I mentioned two goals or criteria for "real" risk management: that it be more quantitative, and more holistic.

Having covered the quantification angle most recently, I want to point to some recent CSOonline coverage of the broad view.

These first two articles look at the connection between good operational risk controls (i.e. CSO work) and corporate insurance policies -- which are often the purview of a "risk management" function within a large enterprise.

What's your Total Cost of Risk (TCOR)?

Taking a risk on risk management

TCOR is a benchmarking measure provided by RIMS, the Risk and Insurance Management Society. The second article is an interview with Greg Kaden, a bankruptcy lawyer and co-founder of consultancy Fort Hill Risk Management. I find both perspectives valuable.

How closely do you work with the folks who purchase/write your insurance policies? Do those policies accurately reflect your organization's risk appetite as well as the quality and focus of the internal control environment?

We have also published several articles on a variety of risk management sub-disciplines. Three are related to business continuity:

Drilling for disaster at LAX

3 more tabletop exercises for business continuity

Working the kinks out of your supply chain

and another looks at physical security and safety in the setting of crowded malls:

Securing 1 million shoppers for the holidays

Lastly - a teaser - we have a great interview coming with one of the principal co-authors of the COSO ERM framework, so watch for that toward the end of this month.

Copyright © 2013 IDG Communications, Inc.
