Security, Risk, Safety and Resilience Newsletter - Week of 10 Mar 22
Ridley Tony
Experienced Leader in Risk, Security, Resilience, Safety, and Management Sciences | PhD Candidate, Researcher and Scholar
The following is a summary of security, risk, safety and resilience articles, topics and issues ending the week of 10 Mar 22.
Key themes for this week include:
---------------------------------------------------------------------------------
Any reasonable urgent action, emergency, crisis or disaster will initially trigger an operational and administrative 'follower' focus.
That is, chase the drama, respond to the incident, manage from issue-to-issue, which inherently presents the notion of crisis management or administration.
Many organisations and individuals seek credentials and associated experience by restating these actions as means of asserting crisis management pedigree or competency.
However, crisis leadership, much like the distinctions between management and administration, leadership remain considerably distinct from that of management, particularly during a crisis.
Not surprisingly, far less organisations and individual have commensurate experience, knowledge or pedigree when it comes to crisis leadership.
"The objective of enterprise?#riskmanagement?(ERM) is to develop a holistic, portfolio view of the most significant risks to the achievement of the entity’s most important objectives. The “e” in ERM signals that ERM seeks to create a top-down, enterprise view of all the significant risks that might impact the business. In other words, ERM attempts to create a basket of all types of risks that might have an impact – both positively and negatively – on the viability of the business.?"
Expressions of risk, resilience and guidance on urgent business actions such as crisis are routinely dearth of specific organisational contexts or characteristics.
That is, risk and resilience are not neutral nor universal across all types of organisations and typologies meaning that crisis or any other extra ordinary ‘call to action’ must be planned, considered and actioned within the context in which the organisation exists.
Moreover, threats and crisis that impact multiple organisations, industries and geographies must also consider a multitude of organisational constructs, typologies and characteristics too.
Not to mention that most large, contemporary organisations, like culture, may exhibit and demonstrate more than one version of these typologies at any one time, creating further complexity, tension and friction.
"Sections: 1) Aims of presentation 2) What is?#RiskManagement?(RM)? 3) Risk Management Cycle 4) Categories of risk 5) Risk Register 6) Risk Appetite?7) Tips for success 8) Why Risk Management may fail 9) Summary & conclusion"
The notion of 'gap analysis' seemingly takes place every day in organisations when it comes to risk, security and resilience.
That is, as threats, hazards, vulnerabilities and the world evolves, so too does the required scales, complexity and levels of risk, security and resilience management.
Therefore, formal and informal gap analysis is taken by individuals, departments, organisations and governments.
Only some of these gap analysis initiatives are documented and even less are research, analysed and structured plans.
Not surprisingly, results vary, original or 'current' state is forgotten and everything presents as evolution, progress and better than it was....but is it?
领英推荐
"Leadership is about making a difference. If leaders of organizations in the 21st Century are to make a difference and grow their organizations to greatness, they must have the capability to navigate in a very risky and dangerous world. Thus, understanding and managing?#risk?has become imperative for successful leadership of organizations in today’s world.?"
Risk?as an expression is an explosion of variable definitions, understanding, disciplines and comprehension.
Notwithstanding,?risk?as a concept, varies across cultures, time, memory and how it is perceived.
As a result, basic consideration and understanding of risk variables are required by individuals, organisations and governments.
That is, no two risks are directly comparable unless units of analysis, methodology and scales of construction are adequately applied and disclosed.?Including?the people interviewed, affected, conducting the analysis or for whom the assessment was created for in the first instance.
"Because of the lack of consistency or universal, qualified representation of individuals under the extensive topic of?#security?leadership, it could be reasonably concluded that corporate security leadership is at present poorly understood, investigated, represented, or researched. For this reason, it is undermining any legitimate claims that more security leadership is required when in fact, very little security leadership can be uniquely identified as such. That is, security leadership remains jumbled within a suite of issues attributed to security, inclusive of management. This observation further supports the previous argument that consistent, elementary security management remains a greater need for the industry and profession at this stage.?"
Any sufficiently detailed consideration of threat/s or harm specific to an organisation or entity will typically result in a clustering of risk themes.
This taxonomy subsequently acts as a framework for analysis, identification of controls and modifiers and scales of harm that inform the over risk rating associated to both the threat and asset at risk.
As a result, it can be helpful to start with a high-level understanding of key risk areas or compare iterative results with a final, considered framework.
"In this paper I submit a theoretical analysis of Enterprise?#Risk?Management (ERM). ERM is proposed as the solution adopted by the Board of Directors to solve two general?#riskmanagement?problems faced by firms. The first is the agency problem of corporate risk management, according to which agents have interests and behavioral biases that conflict with the best interests of the principal. The second is the information problem of corporate risk management, which is the problem of collecting information about risk centrally in the organization to support decision-making regarding the firm’s total risk-return profile (including the deployment of economic capital).?"
"...we suggest that two broad avenues for thinking about?#security?may be distinguished. The first perspective displays a preference for the question as to what security is (?What is security??). By contrast, the second perspective emphasizes what security does (?What does security do??). In the following, both questions will be addressed, arguing that they differ considerably in terms of their ontological, epistemological and normative assumptions. It is, however, not the purpose of this paper to identify the ?best? way security can or should be encountered as an object of analysis. Its modest objective is, quite simply, to encourage explicit reflection of the term in question, thereby hopefully diminishing the chances of it being applied in an ambiguous or somewhat vague manner.?"
Tony Ridley, MSc CSyP MSyI M.ISRM
Security, Risk, Resilience, Safety & Management Sciences
Bachelor of Commerce - BCom from Nizam College at Hyderabad Public School
3 年??