Enterprise Risk Management Summit
It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently. Warren Buffet
Reputation risk is consistently one of the top ten risks of any executive / board level survey. Question: Why? As our business strategies shifted from selling products and services to selling experiences and solutions, we depended on brand and reputation to accomplish it. At the same time, technology advances gave consumers unprecedented access to information, communication, transparency, and global forums, which shifted the power from companies to consumers. It is essential in today’s world that reputation is linked with enterprise risk management on one end and crisis and business continuity management on the other end. Our brand and reputation are more important than ever before.
So where does risk management fit into all this?
We are all over the place! In risk management we are asked to work at the highest level with enterprise risk management to lowest level with business continuity management. We are expected to manage and respond to familiar (i.e., well-defined domain) and unfamiliar (i.e., complex domain) risks. We need to manage the traditional downside of risk as well as capitalize on the upside risk. To do our job we operate across organizational functions and domains but with limited authority and priority. We may be accountable for risk management; however, specific persons that work with the risk own it. It is our job to ensure we have the system, processes, capabilities, transparency, and the methodologies in place to allow people to properly do risk management. Linking enterprise risk and reputation with crisis management and business continuity is a challenge for us. We have to work within our confines of the organizational structure, which at times is design to change once a crisis has occurred; that is, crisis is the only catalyst for change. Let’s look at a few structural changes we can run into.
3. 3
Speakers
Sean Murphy
CEO & President
Lootok
Andrew Miller
Executive in Training, Enterprise Risk
Management
ADP
4. 4
What we will cover
• Overview of the problem
• Enterprise risk management
• Reputation risk management
• Crisis & business continuity management
5. 5
It takes 20 years
to build a
reputation and
five minutes to
ruin it. If you
think about that,
you'll do things
differently.
—Warren Buffet
6. 6
World numbers
220KNumber of photos posted
on Instagram per minute
300KNumber of tweets per
minute
5BNumber of daily Google
searches
80%Percentage of Americans
online
4.9Average years of CEO
tenure at Fortune-500
companies
2.5MNumber of pieces of
content shared every
minute on Facebook
40-50Average year lifespan of
Fortune-500 companies
1.5BNumber of people with
pocket sized devices
7. 7
Our humble beginnings
It took mankind roughly 24,000 years to produce 5 terabytes of data. (250,000 years of DVD
quality video.
Venus of Willendorf
Circa 22,000 BCE
First iPod
2003
8. 8
Information
comes of age
We now generate 5 exabytes of
content every 2 days. (250,000
years of DVD quality video)
Today
9. 9
If I was down to
my last dollar, I
would spend it
on public
relations.
—Bill Gates
16. 16
Most of the measures common in the practice of
ERM can be placed in one of two categories: those
measures related to the degree of the
organization’s solvency, and those related to the
volatility of the organization’s performance on a
“going concern” basis.
—Casualty Actuarial Society
20. 20
Reputational management
… by the time a more
conclusive picture of guilt
or innocence emerges … the
coverage has often moved
on, leaving the original
impression largely
unrebutted.
—Paul Farhi
29. 29
Crisis cards
What do these words mean to you?
• Crisis
• Incident
• Interruption
• Disaster
• Catastrophe
• Disruption
What are the criteria for a crisis?
• Public knowledge?
• Injuries/fatalities?
• Financial loss? What amount?
Fragments of blue
plastic are found in
your product in the
morning. All product
from the previous
day’s production are
still within your
control.
31. 31
Attackers
Instructions
• Try to cause maximum damage
to the business by attacking
three equipment items.
• Write your selections, why you
chose these items and how you
would attack them.
• When done, fold your card in
half.
32. 32
Defenders
Instructions
• Try to keep the business afloat
by choosing three equipment
items to protect from the
attackers.
• Write your selections, the
strategies you would use, and
your reasoning for doing so on
the back of your defender
cards.
• When done, fold your card in
half.