Ontonix is a software and services firm founded by experts from aerospace, nuclear, and civil engineering industries to develop and apply complexity management solutions. Their flagship software, OntoSpace, quantitatively measures the complexity of businesses and dynamic processes to assess risk, predict behavior, and identify sources of fragility through complexity profiling. Ontonix aims to deliver complexity management tools globally to help organizations navigate turbulent times.
The document discusses challenges with traditional risk analysis and risk management methods that rely heavily on subjective human judgment. It argues that current popular methods often do not improve forecasts and decisions when objectively measured, and can even add more errors compared to relying solely on expert intuition. The document advocates applying statistical techniques like calibrated expert elicitation, quantitative modeling, and computing the expected value of information to help identify what risk factors and measures matter most and should be prioritized for measurement in order to meaningfully reduce uncertainty and improve risk-related decisions.
This document outlines a risk management process using an IT tool. It describes how users can log risks and priorities, which triggers automated workflows to notify engineers. Engineers then create risk records in the system. Managers periodically review risks and key metrics to prioritize activities and ensure targets are met. The tool allows for efficient collaboration and compliance across the risk management life cycle from identification to treatment and review.
BCM to Business Resilience - John Bolton, IBM Client Community Meeting, 23.5.13JakeStead
Business continuity management is evolving into business resiliency to better prevent impacts rather than just prepare for and recover from them. Business resiliency focuses on building an organization that is less likely to fail when facing unexpected events through measures like multi-skilled staff, diverse suppliers and supply chains, multiple office locations, and diversified markets. While business continuity teams have traditionally owned continuity planning, true business resiliency requires contributions from across an organization, including IT, risk, security, and other departments, to embed resilience into corporate governance.
Operational risk management is becoming an important part of corporate governance frameworks. It aims to proactively identify, assess, and manage risks to improve transparency, efficiency, and shareholder value while protecting reputation. Recent regulatory scrutiny and fines show the importance of properly managing operational risks. Actuaries are well-suited to lead operational risk management due to their understanding of risk assessment and financial impacts.
Magic quadrant for operational risk management solutions Deepak Kamboj
Magic Quadrant for Operational Risk Management Solutions
Analyst(s): John A. Wheeler, Jie Zhang
Summary
Security and risk management leaders are seeking to integrate their risk management solutions to gain a more holistic view of risk across the enterprise. Operational risk management solutions serve as the core element of integrated risk management.
Enterprise risk management is an underutilized management practice that allows community-based financial institutions to become more efficient, smarter, and better able to compete in an increasingly complex environment.
WolfPAC Solutions Group Director Michael Cohn creates a strong case on why community-based financial institutions should implement an enterprise risk management program to reduce costs and successfully achieve business goals in an increasingly competitive and regulated environment.
Making the Business Case for Security InvestmentRoger Johnston
(1) Traditional ROI arguments for security spending often don't convince executives who are unaware of security issues and risks. (2) Executives may not envision security failures occurring on their watch and would rather save money now. (3) Estimating attack probabilities and costs is difficult, and long-term damage is underestimated in ROI analyses. (4) The author proposes an 8-step hybrid approach using best practices, legal perspectives, competitor comparisons, vivid failure scenarios, and scare tactics to convince executives to invest in security.
The Cio And Crisis Leadership, An Examinationdbriner
The document discusses the role of the CIO in crisis leadership and management. It defines a crisis as a crucial point involving abrupt change. The CIO is responsible for managing reliability and complexity in systems to ensure success. Systems will inevitably fail, and the CIO must plan for reliable recovery through redundant systems and resources to minimize downtime. The document outlines the Incident Command System structure the CIO should employ to effectively manage a crisis through communication, planning, accountability and resource coordination. Mitigation, restoration and prevention are key priorities for the CIO after a crisis to ensure it does not reoccur.
The document discusses challenges with traditional risk analysis and risk management methods that rely heavily on subjective human judgment. It argues that current popular methods often do not improve forecasts and decisions when objectively measured, and can even add more errors compared to relying solely on expert intuition. The document advocates applying statistical techniques like calibrated expert elicitation, quantitative modeling, and computing the expected value of information to help identify what risk factors and measures matter most and should be prioritized for measurement in order to meaningfully reduce uncertainty and improve risk-related decisions.
This document outlines a risk management process using an IT tool. It describes how users can log risks and priorities, which triggers automated workflows to notify engineers. Engineers then create risk records in the system. Managers periodically review risks and key metrics to prioritize activities and ensure targets are met. The tool allows for efficient collaboration and compliance across the risk management life cycle from identification to treatment and review.
BCM to Business Resilience - John Bolton, IBM Client Community Meeting, 23.5.13JakeStead
Business continuity management is evolving into business resiliency to better prevent impacts rather than just prepare for and recover from them. Business resiliency focuses on building an organization that is less likely to fail when facing unexpected events through measures like multi-skilled staff, diverse suppliers and supply chains, multiple office locations, and diversified markets. While business continuity teams have traditionally owned continuity planning, true business resiliency requires contributions from across an organization, including IT, risk, security, and other departments, to embed resilience into corporate governance.
Operational risk management is becoming an important part of corporate governance frameworks. It aims to proactively identify, assess, and manage risks to improve transparency, efficiency, and shareholder value while protecting reputation. Recent regulatory scrutiny and fines show the importance of properly managing operational risks. Actuaries are well-suited to lead operational risk management due to their understanding of risk assessment and financial impacts.
Magic quadrant for operational risk management solutions Deepak Kamboj
Magic Quadrant for Operational Risk Management Solutions
Analyst(s): John A. Wheeler, Jie Zhang
Summary
Security and risk management leaders are seeking to integrate their risk management solutions to gain a more holistic view of risk across the enterprise. Operational risk management solutions serve as the core element of integrated risk management.
Enterprise risk management is an underutilized management practice that allows community-based financial institutions to become more efficient, smarter, and better able to compete in an increasingly complex environment.
WolfPAC Solutions Group Director Michael Cohn creates a strong case on why community-based financial institutions should implement an enterprise risk management program to reduce costs and successfully achieve business goals in an increasingly competitive and regulated environment.
Making the Business Case for Security InvestmentRoger Johnston
(1) Traditional ROI arguments for security spending often don't convince executives who are unaware of security issues and risks. (2) Executives may not envision security failures occurring on their watch and would rather save money now. (3) Estimating attack probabilities and costs is difficult, and long-term damage is underestimated in ROI analyses. (4) The author proposes an 8-step hybrid approach using best practices, legal perspectives, competitor comparisons, vivid failure scenarios, and scare tactics to convince executives to invest in security.
The Cio And Crisis Leadership, An Examinationdbriner
The document discusses the role of the CIO in crisis leadership and management. It defines a crisis as a crucial point involving abrupt change. The CIO is responsible for managing reliability and complexity in systems to ensure success. Systems will inevitably fail, and the CIO must plan for reliable recovery through redundant systems and resources to minimize downtime. The document outlines the Incident Command System structure the CIO should employ to effectively manage a crisis through communication, planning, accountability and resource coordination. Mitigation, restoration and prevention are key priorities for the CIO after a crisis to ensure it does not reoccur.
Ontonix is a software and services firm that develops tools to measure and manage complexity in businesses and processes. Their flagship product, OntoSpace, analyzes financial and other data to assess the complexity, structure, and risk levels of companies. They offer online services like OntoNet that generate complexity maps and ratings. OntoDyn analyzes customer data to identify those at risk of attrition. Ontonix applies concepts of complexity science across disciplines to transfer knowledge and help clients cope with turbulent times through complexity management.
Presented to TASA/TASB Convention October 2, 2009 in Houston.
Presented to TASB Summer Leadership Institute June 13, 2009 in San Antonio and June 20, 2009 in Ft. Worth.
Judging A Book: Advocating (i2o: inside to out) Political change as an antedo...David Wilson
This document discusses the complexity of judging political leadership and delivering change. It questions whether people can really know who to trust given that manifestos are complex and commentators are supposedly impartial. True change requires more than just party political shifts and may need to rebuild trust from the bottom up. The document also discusses complexity management, noting that complexity is difficult to measure but accounts for uncertainty, and that systems near their critical complexity can easily become unstable and hard to manage.
This document discusses using complexity analysis as an advanced method for data mining. It involves 3 steps: 1) Measuring the information content in scatter plots using image entropy. 2) Identifying relationships between variables using mutual information. 3) Repeating steps 1 and 2 for all variable pairs to map dependencies and identify key interrelated and isolated variables. Complexity is defined by the number and nature of relationships, providing insights into system controllability, predictability, and distance from critical complexity. Complexity analysis can extract more useful insights than simple correlations when data is complex, turbulent or chaotic.
The document introduces Resilience Rating, a new online system for rating business resilience. It measures how well a business can withstand economic shocks. Companies can rate themselves by analyzing their own operational data. The system provides (1) a resilience score to assess fragility, (2) a ranking of key operational parameters to focus on, and (3) an interactive business structure map to examine interdependencies. The goal is to make ratings more democratic, objective, and useful for improving business health.
101 good reasons why independent insurance brokers NEED to recognise that it the insurance landscape is changing beyond all recognition and not just because of the economic climate and rising market...
Ontonix UK provides business intelligence and corporate performance management services using complexity-based analysis. They measure the complexity and entropy of organizations, markets, portfolios, and systems to assess fragility and risk of crisis. This helps clients intervene early before issues arise to better manage growth and restructure appropriately. Their techniques also enable real-time monitoring of complex and critical systems like banks' IT infrastructure for early warnings.
This document discusses the importance of transparency and communication for school districts. It argues that transparency and communication are both two-way processes that require a sender, a message, and an intended recipient. Transparency builds trust over time, while trust is essential for school districts because they "sell" safety, high expectations, equal opportunities, fiscal responsibility, and prepared graduates. The document provides tips for improving communication, such as listening, using "I" and "we" statements, conveying thoughts clearly without jargon, and developing rapport. It emphasizes that transparency does not mean exposing everything and communication means telling as much as possible to build trust within the community.
Rising complexity points to a turbulent environment. The sub-prime crisis could have been anticipated. Changes in complexity indicate imminent crisis. Analysis of 56 parameters related to the US housing market from 2004-2007 showed a sharp increase in complexity in early 2006, indicating growing uncertainty and interconnectedness that made the system fragile. While complexity remained high in 2007, the critical complexity threshold declined, showing the market's deteriorating health.
This document discusses the complexity of judging leadership and political parties based on surface level information. It questions whether people truly read party manifestos or rely on commentators' analyses. The document argues that more intimate knowledge is needed to gauge who can be trusted to deliver, but obtaining that level of transparency may be taking it too far. Overall, the document advocates for the need to understand complexity more and move beyond just fixes and patches toward meaningful change from the bottom up.
This document discusses the importance of customer service. It defines customer service as enhancing customer satisfaction through meeting expectations. A district's customers include employees, parents, students, board members, taxpayers, business leaders, and the media. Every customer is important. Good customer service is magical because it creates a connection with customers through things like a friendly smile. It provides tips for good customer service like listening, being accessible, keeping customers a priority, and over-delivering. It also gives advice for dealing with difficult customers such as assisting them quickly, smiling, listening without interrupting, not taking complaints personally, and requesting respect.
The document argues that we should view the world as composed of complex systems rather than machines. Complex systems are more than the sum of their parts, can exhibit multiple and unpredictable behaviors, and have effects that are nonlinear and disproportionate to their causes. This represents a shift from a world of risk, which can be analyzed and managed, to one of uncertainty that requires an adaptive approach rather than management.
The realisation that dynamic systems in economic and social domains behave in a similar manner to those found in nature is gaining momentum...but, unless the comparisons are drawn again and again the lessons will be overlooked by those whose belief systems cannot see beyond the models...no matter how flawed...that brought us to this point. I hope this presentation helps your understanding in some way. If so spread the word we NEED to get to work!
BLASTING FRAGMENTATION MANAGEMENT USING COMPLEXITY ANALYSIS David Wilson
This document discusses using complexity analysis to manage rock blasting fragmentation. It analyzes complexity levels and robustness of three blasting models - the empirical model used by a mine, an analytical model from literature, and field data from the mine. The analytical model has higher complexity and lower robustness. Complexity analysis can identify critical variables, compare models, and help design more robust blasting with less uncertainty given geological conditions. Future work aims to select the most robust model and identify the most critical fragmentation parameters through further complexity analysis.
sources are:
1) The document describes Resilience Rating, a cloud-based rating system that provides ratings for businesses based on their complexity levels and proximity to critical complexity. It aims to help businesses of all sizes diagnose hidden fragilities in their models.
2) A resilience rating measures the stability of a business's structure, rather than financial metrics like conventional ratings. It reflects how robust the business model is and ability to withstand turbulence. Ratings are determined based on analyzing a business's complexity profile and structure maps created from operational data.
3) Analyzing a business's complexity breakdown and structure maps provides insights into interdependencies, constraints, and sources of complexity that increase fragility. This helps businesses
The document discusses early warning systems (EWS), providing definitions and components of an effective EWS including risk awareness, monitoring and warning services, and response capability. It also outlines some potential obstacles to establishing an EWS, such as concerns over expenses, information silos within companies, and a lack of agreement on severity matrices. The SECure assessment tool is introduced as an innovative practice-oriented approach to identifying early warning indicators for small businesses.
Top 10 Interview Questions for Risk Analyst.pptxinfosec train
A Risk Analyst is in charge of reviewing and examining an organization's investment portfolio to ensure that the risk is acceptable in light of the company's commercial and financial goals.
https://www.infosectrain.com/courses/crisc-certification-training/
Centralized operations – Risk, Control, and CompliancePECB
The webinar covers:
• Centralized operation models (shared services)
• The benefits case
• Options for managing risk, control and compliance in centralized operations
Presenter:
This session was presented by Steve Tremblay, Senior ITSM Consultant and Trainer at ExcelsaTech, and a PECB Certified Trainer.
Link of the recorded session published on YouTube: https://youtu.be/LaLWI_ULjjU
Ontonix is a software and services firm that develops tools to measure and manage complexity in businesses and processes. Their flagship product, OntoSpace, analyzes financial and other data to assess the complexity, structure, and risk levels of companies. They offer online services like OntoNet that generate complexity maps and ratings. OntoDyn analyzes customer data to identify those at risk of attrition. Ontonix applies concepts of complexity science across disciplines to transfer knowledge and help clients cope with turbulent times through complexity management.
Presented to TASA/TASB Convention October 2, 2009 in Houston.
Presented to TASB Summer Leadership Institute June 13, 2009 in San Antonio and June 20, 2009 in Ft. Worth.
Judging A Book: Advocating (i2o: inside to out) Political change as an antedo...David Wilson
This document discusses the complexity of judging political leadership and delivering change. It questions whether people can really know who to trust given that manifestos are complex and commentators are supposedly impartial. True change requires more than just party political shifts and may need to rebuild trust from the bottom up. The document also discusses complexity management, noting that complexity is difficult to measure but accounts for uncertainty, and that systems near their critical complexity can easily become unstable and hard to manage.
This document discusses using complexity analysis as an advanced method for data mining. It involves 3 steps: 1) Measuring the information content in scatter plots using image entropy. 2) Identifying relationships between variables using mutual information. 3) Repeating steps 1 and 2 for all variable pairs to map dependencies and identify key interrelated and isolated variables. Complexity is defined by the number and nature of relationships, providing insights into system controllability, predictability, and distance from critical complexity. Complexity analysis can extract more useful insights than simple correlations when data is complex, turbulent or chaotic.
The document introduces Resilience Rating, a new online system for rating business resilience. It measures how well a business can withstand economic shocks. Companies can rate themselves by analyzing their own operational data. The system provides (1) a resilience score to assess fragility, (2) a ranking of key operational parameters to focus on, and (3) an interactive business structure map to examine interdependencies. The goal is to make ratings more democratic, objective, and useful for improving business health.
101 good reasons why independent insurance brokers NEED to recognise that it the insurance landscape is changing beyond all recognition and not just because of the economic climate and rising market...
Ontonix UK provides business intelligence and corporate performance management services using complexity-based analysis. They measure the complexity and entropy of organizations, markets, portfolios, and systems to assess fragility and risk of crisis. This helps clients intervene early before issues arise to better manage growth and restructure appropriately. Their techniques also enable real-time monitoring of complex and critical systems like banks' IT infrastructure for early warnings.
This document discusses the importance of transparency and communication for school districts. It argues that transparency and communication are both two-way processes that require a sender, a message, and an intended recipient. Transparency builds trust over time, while trust is essential for school districts because they "sell" safety, high expectations, equal opportunities, fiscal responsibility, and prepared graduates. The document provides tips for improving communication, such as listening, using "I" and "we" statements, conveying thoughts clearly without jargon, and developing rapport. It emphasizes that transparency does not mean exposing everything and communication means telling as much as possible to build trust within the community.
Rising complexity points to a turbulent environment. The sub-prime crisis could have been anticipated. Changes in complexity indicate imminent crisis. Analysis of 56 parameters related to the US housing market from 2004-2007 showed a sharp increase in complexity in early 2006, indicating growing uncertainty and interconnectedness that made the system fragile. While complexity remained high in 2007, the critical complexity threshold declined, showing the market's deteriorating health.
This document discusses the complexity of judging leadership and political parties based on surface level information. It questions whether people truly read party manifestos or rely on commentators' analyses. The document argues that more intimate knowledge is needed to gauge who can be trusted to deliver, but obtaining that level of transparency may be taking it too far. Overall, the document advocates for the need to understand complexity more and move beyond just fixes and patches toward meaningful change from the bottom up.
This document discusses the importance of customer service. It defines customer service as enhancing customer satisfaction through meeting expectations. A district's customers include employees, parents, students, board members, taxpayers, business leaders, and the media. Every customer is important. Good customer service is magical because it creates a connection with customers through things like a friendly smile. It provides tips for good customer service like listening, being accessible, keeping customers a priority, and over-delivering. It also gives advice for dealing with difficult customers such as assisting them quickly, smiling, listening without interrupting, not taking complaints personally, and requesting respect.
The document argues that we should view the world as composed of complex systems rather than machines. Complex systems are more than the sum of their parts, can exhibit multiple and unpredictable behaviors, and have effects that are nonlinear and disproportionate to their causes. This represents a shift from a world of risk, which can be analyzed and managed, to one of uncertainty that requires an adaptive approach rather than management.
The realisation that dynamic systems in economic and social domains behave in a similar manner to those found in nature is gaining momentum...but, unless the comparisons are drawn again and again the lessons will be overlooked by those whose belief systems cannot see beyond the models...no matter how flawed...that brought us to this point. I hope this presentation helps your understanding in some way. If so spread the word we NEED to get to work!
BLASTING FRAGMENTATION MANAGEMENT USING COMPLEXITY ANALYSIS David Wilson
This document discusses using complexity analysis to manage rock blasting fragmentation. It analyzes complexity levels and robustness of three blasting models - the empirical model used by a mine, an analytical model from literature, and field data from the mine. The analytical model has higher complexity and lower robustness. Complexity analysis can identify critical variables, compare models, and help design more robust blasting with less uncertainty given geological conditions. Future work aims to select the most robust model and identify the most critical fragmentation parameters through further complexity analysis.
sources are:
1) The document describes Resilience Rating, a cloud-based rating system that provides ratings for businesses based on their complexity levels and proximity to critical complexity. It aims to help businesses of all sizes diagnose hidden fragilities in their models.
2) A resilience rating measures the stability of a business's structure, rather than financial metrics like conventional ratings. It reflects how robust the business model is and ability to withstand turbulence. Ratings are determined based on analyzing a business's complexity profile and structure maps created from operational data.
3) Analyzing a business's complexity breakdown and structure maps provides insights into interdependencies, constraints, and sources of complexity that increase fragility. This helps businesses
The document discusses early warning systems (EWS), providing definitions and components of an effective EWS including risk awareness, monitoring and warning services, and response capability. It also outlines some potential obstacles to establishing an EWS, such as concerns over expenses, information silos within companies, and a lack of agreement on severity matrices. The SECure assessment tool is introduced as an innovative practice-oriented approach to identifying early warning indicators for small businesses.
Top 10 Interview Questions for Risk Analyst.pptxinfosec train
A Risk Analyst is in charge of reviewing and examining an organization's investment portfolio to ensure that the risk is acceptable in light of the company's commercial and financial goals.
https://www.infosectrain.com/courses/crisc-certification-training/
Centralized operations – Risk, Control, and CompliancePECB
The webinar covers:
• Centralized operation models (shared services)
• The benefits case
• Options for managing risk, control and compliance in centralized operations
Presenter:
This session was presented by Steve Tremblay, Senior ITSM Consultant and Trainer at ExcelsaTech, and a PECB Certified Trainer.
Link of the recorded session published on YouTube: https://youtu.be/LaLWI_ULjjU
Allgress provides business risk intelligence tools to help Chief Information Security Officers (CISOs) align security programs and investments with business objectives. Allgress offers modules for business risk intelligence, security and compliance assessment, vulnerability management, and incident management. These modules provide consistent, repeatable and defensible metrics to ensure security budgets are allocated appropriately and demonstrate how security initiatives impact business risk.
Self-rating is an online dynamic rating system that allows small businesses to assess and address hidden vulnerabilities in their business models. It helps businesses simplify their operations to reduce complexity, which is the primary risk factor in an unstable economy. The system provides affordable monthly or quarterly ratings that measure a business's current complexity and identify sources of excessive complexity. Simpler business structures are better able to withstand economic turbulence. Highly complex businesses tend to be fragile and unpredictable, and are more likely to suddenly fail without warning. Regular self-ratings can alert businesses if their complexity approaches critical levels that threaten sustainability.
Screening Online powered by World-CheckArzoo Edroos
1) Thomson Reuters Accelus provides financial crime prevention solutions that combine advanced software and World-Check's comprehensive intelligence on politically exposed persons and high-risk individuals/entities to help clients comply with AML, KYC, CFT and PEP regulations.
2) The solutions use World-Check's intelligence data and sophisticated matching technology to conduct screening and identify hidden risks, while also offering regulatory training and transaction monitoring services.
3) By taking a comprehensive approach that combines multiple technologies and data, Thomson Reuters Accelus helps firms improve efficiency, reduce costs and better manage regulatory and reputational risk compared to using various point solutions separately.
1. COSO Enterprise Risk Management (ERM) is a framework that helps companies consistently define and manage risks across the organization. It involves identifying, assessing, and responding to risks in a way that helps the company achieve its objectives.
2. The COSO ERM framework is represented as a cube with four columns of strategic objectives, eight rows of risk components, and multiple levels to describe the enterprise. It includes components like internal environment, objective setting, event identification, risk assessment, risk response, control activities, information & communication, and monitoring.
3. Control activities are policies and procedures that ensure risks are mitigated, such as separating duties and documentation. Information & communication ensures relevant information is shared to allow people
The document discusses COSO's Enterprise Risk Management framework. It defines ERM and explains why it is important for managing risks and uncertainties to achieve organizational objectives. The framework establishes eight components of ERM - internal environment, objective setting, event identification, risk assessment, risk response, control activities, information & communication, and monitoring. It provides guidance on implementing ERM.
This document introduces a new approach to measuring systemic risk through quantifying the complexity and resilience of interconnected systems. It defines a method to construct "business structure maps" from financial data to model a system's structure and interdependencies. A system's complexity is calculated from its structure and entropy, and resilience is defined as its current complexity relative to minimum and maximum bounds. Case studies apply this method to systems of major European and US banks, identifying which banks most impact the overall system complexity and resilience. The approach aims to measure resilience without building explicit system models, reducing risk from model uncertainties.
The document proposes an integrated risk assessment process that is robust, transparent, and based on COSO and Six Sigma frameworks. It involves using a Risk and Frequency Matrix to assess risks at the process level and validate resource allocation. A Risk Profile Analysis further examines inherent, business, and technology risks. Control assessments are also made. Cause and Effect Matrices are used to link key risks to process functions. Failure Mode and Effects Analyses identify potential process weaknesses. Preventive and detective controls are categorized by type and sub-type. The process aims to identify, prioritize, and reduce risks across the organization.
The document provides 5 steps for conducting better risk assessments, including adopting a root-cause approach to risk identification, standardizing a 1-10 assessment scale and criteria, linking risks to controls and strategic goals, and embedding risk management into everyday activities. It explains how prioritizing risks based on their root causes and using a consistent 1-10 scale allows organizations to better understand their top risks and prioritize mitigation activities. Following these best practices can help risk assessments add more value to businesses by providing transparent and actionable risk information.
The document describes a product called "Universe One" that aims to help organizations achieve IT governance through objective measurement and assessment. It provides mechanisms to [1] set an IT governance roadmap, [2] measure performance against the roadmap, and [3] identify weaknesses. The product allows for tailored assessments based on a project's complexity and requirements. It also claims to balance governance with business needs and risks.
The document discusses the challenges financial institutions face in an uncertain economic environment, termed the "New Normal". It emphasizes the importance of embedding risk management in decision making, using a common platform for risk, finance, and regulatory reporting. It also stresses the need to identify and manage various risks, from liquidity and credit to operational and compliance. Finally, it proposes that financial institutions undergo an "analytical transformation" through investments in a unified data model, infrastructure, and applications to achieve a holistic view of risk across the organization.
Ontonix Complexity Measurement and Predictive Analytics WP Oct 2013Datonix.it
Breakthrough analytics for your business. Ontonix model-free and patented technology is used for advanced BI, Risk and Business Governance Management. Discover the big picture from all structured business process and discover the hidden fragility an what your options are to fix it.
Do not measure the wrong KPI - we automatically discover the native and intrinsic key performance indicators for you.
The document discusses designing and evaluating management control systems (MCS). It addresses two questions when designing controls: what is desired and what is likely to happen. If what is likely differs from what is desired, controls and their tightness must be determined. People, action, and results controls are examined in terms of addressing lack of direction, motivation, and personal limitations. The choice of controls depends on being able to measure results and knowing which actions are desirable. Controls also evolve as firms grow toward increased formalization and information systems. The focus should remain on impacts of controls on employee behavior.
How More Industries Can Cultivate A Culture of Operational ResilienceDana Gardner
A transcript of a discussion on the many ways that businesses can reach a high level of assured business availability despite varied and persistent threats.
This document is a risk assessment report that contains several sections analyzing approaches to risk assessment for an organization's IT architecture. It discusses evaluating risk, qualitative and quantitative approaches, the organization's departments and how they interconnect, security certifications, and tools for conducting risk management research such as the Plus, Minus, Interesting method and applying the "what if" approach. The report provides an in-depth analysis of how to properly assess and manage risks to an organization's IT systems.
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...Mubeen Yaqoob
The document discusses the importance of effective governance, risk, and compliance (GRC) management for banking and financial services organizations. It notes that these organizations face intensifying regulatory pressures and requirements. It argues that consolidating disparate risk and compliance activities into an enterprise-wide GRC framework can help accelerate processes, reduce costs, and provide competitive advantages. Effective GRC requires integrating traditionally siloed risk management functions to allow for a holistic view of enterprise-wide risks and regulatory compliance. The document promotes 360factors' regulatory risk and compliance management software as a way for organizations to automate financial processes, streamline GRC, address regulatory challenges, and improve operational efficiency and decision-making.
Insurance Protection v Loss ResilienceDavid Wilson
The insurance industry are very efficient at selling 'risk protection' policies when any business (their own included) with aspirations of sustainability NEED to focus upon 'loss resilience'
Wilson, an insurance blogger and former broker, supports calls to regulate loss adjusters due to murky and unethical practices in the industry. He argues that brokers need to take a more active role in claims handling rather than handing things over to adjusters. Meanwhile, Oval Insurance Brokers has entered consultations with managers of its underwriting subsidiary Vela to simplify its business operations and management structure.
Ontonix: facilitating "Resilience Management"David Wilson
Measuring, managing (even influencing) or, accurately, rating business risk is "difficult" and modelling risk is impossible...but it doesn't stop those, with a vested interest, from conveying the impression that all are feasible! What they don't like to dwell upon is the fact that "risk" (known - based on probability - correlations) is only a very small part of what we have to deal with in a turbulent and uncertain (unknown and unknowable) world of probable, possible and plausible occurrences.
To manage resilience is to acknowledge and prepare for the sudden, unforeseen and unforeseeable [Black Swan] events that are a feature of our incredibly complex and inter-connected world.
Ontonix technology identifies [causal relationships ]nodes and hubs within complex systems. Extending the conventional "risk horizon" into the domain of uncertainty [unseen and unknown] with the ability to by map, measure, monitor and manage complexity and resilience.
Risk [Failed failsafe] v Resilience [Safe to fail]David Wilson
Whilst conventional risk management are "trending" toward the rather woolly concept of "risk culture" without sound theory and the ability to objectively measure much of great importance, courtesy of the capabilities developed by Ontonix, the new discipline of "Resilience Management" offers a rigorous quantitative approach to aid real-time, verifiable, decision-making.
When risk, in the Digital Age, evolves at such pace that even real-time observation may not be adequate, management techniques that rely upon reflexive analysis are woefully inadequate. Enabled by measurement, Resilience Management identifies sources of weakness that may impair the system's ability to absorb the unforeseen, therefore reducing risk and uncertainty by extending the risk horizon, to provide "crisis anticipation" or "anticipatory awareness"
According to Ontonix, higher complexity implies higher fitness and functionality for a system. However, complexity also makes systems more difficult to manage and fragile. When complexity approaches the maximum limit, systems become fragile and prone to failure. Managing complexity is important, and systems may need to be restructured or simplified when complexity becomes too difficult to oversee.
We Group Sustainable Community Eco SystemDavid Wilson
This diagram outlines the structure of an organization called We Group and its customer ecosystem. It includes external communities as well as internal functions like training, investment, consultancy, intellectual property, and social enterprise that support customers. The organization provides member services, a marketplace, and directory and works with introducers, networks, partners, suppliers, advertisers and affinity groups.
1. “Running a company based on just the financials is like driving a car
by only looking at the rear view mirror!”
Dr Jacek Marczyk, Founder & CTO of Ontonix s.r.l.
What is “Complexity management”?
Ontonix Complexity management solutions are based upon a practical and rational means of
measuring complexity. Our analysis combines the equivalent of risk management and corporate
strategy into a single unified scheme and is based upon a quantitative and holistic view of the state
and dynamics of a corporation as it interacts with its environment.
Complexity is the quantitative measure of the amount of structured information in a system.
Some facts about Complexity from Ontonix:
The amount of fitness of a system is proportional to its complexity – higher complexity
implies higher fitness
The amount of functionality of a system is proportional to complexity – more complex
system can perform more functions
Each system can only reach a specific maximum value of complexity
Close to the upper limit the system is fragile – it is unwise to operate close to this limit
High complexity = difficulty in management – highly complex systems are able to perform
more functions but at a price: they are not easy to manage
When a system is very complex and becomes difficult to manage, it is necessary to
restructure it, add new structure or to remove excess entropy
More components don’t necessarily imply more complexity – systems with few components
can be more complex than systems with many components
When presented with two equivalent options, for example in terms of performance, risk or
profit, select the one with the lower complexity – it will be easier to manage
Spasms or dramatic changes in dynamical systems are always accompanied by sudden
changes in complexity
In nature, systems tend toward states of higher complexity, but only until they reach the
corresponding maximum. This poses limits to growth and evolution
Systems with high complexity can behave in a multitude of ways (modes)
Systems with high complexity are more difficult to manage and control because of the
need to compromise
A system with a given complexity will be more difficult to manage if it is made to operate
in a more uncertain environment
"High complexity is incompatible with high precision" – this is known as L. Zadeh’s
Principle of Incompatibility. In essence, you can’t make precise statements about a highly
complex system
The amount of sustainable development a given system has is proportional to the
difference between its critical complexity and current value of complexity
A fundamental characteristic of highly complex systems: they are robust yet fragile!
2. How do You Rate the Structure of a Business?
Conventional ratings, such as those issued by rating agencies, focus on the financial aspects of a
business. While this is important, it is not sufficient to provide a global idea of the overall state of health
of a corporation.
Complexity-based ratings offered by Ontonix are stratified into five levels. This is in accordance with the
Principle of Incompatibility - highly complex systems cannot be described precisely. Examples are
illustrated above. Complexity-based ratings focus entirely on structural aspects of a business
not on its financials or financial performance. Excessive complexity of a business is a fundamental
source of its risk exposure as it points to a structure that is easily altered, both via endogenous as well
exogenous sources. Since excessive complexity is a “disease” which is invisible to conventional
techniques, the idea of a complexity rating is to establish a marker which can expose it. Moreover, high
complexity is undesirable because it may lead to surprises and unexpected behaviour.
The interpretation of complexity ratings is as follows:
1-Star: The business is globally close to its critical complexity. Its structure is weak. The business is
unsustainable and very fragile. Exposure is very high and the business is highly inefficient and very
difficult to manage. It is impossible to make forecasts and define realistic goals.
2-Star: The business is highly complex and difficult to manage and control. Exposure is high as well as
inefficiency. The structure of the business if fragile, hence vulnerable. It is difficult to make forecasts.
3-Star: Business complexity is moderately high but its structure is fairly robust. Predictability is
acceptable. Exposure is moderate.
4-Star: Low complexity points to a robust business structure. Predictability is high, exposure is low.
Business sustainability is quite high. The same may be said of efficiency.
5-Star: Very low complexity indicates a very strong business structure as well as very low exposure.
The business is manageable and it is possible to make credible forecasts. The business is potentially
highly sustainable and efficient.
In the case of businesses with 1 to 3 star ratings complexity reduction is a must. In those cases,
Complexity Profiling is the tool to adopt. It helps identify the sources of high complexity and points to
potential solutions.
For 4 and 5 star businesses, Complexity Profiling should be used from a monitoring perspective in order
to keep the business at a safe distance from critical complexity.
An example of the structure of a business is illustrated below:
3.
4. Ontonix is a privately held software and services firm which has been founded by a group of experts from the
aerospace, nuclear and civil engineering industries. The team collectively holds over sixty man-years of
experience in unconventional risk and complexity management and has developed in the past award-winning
software tools. Ontonix is headquartered in Como, Italy. Originally established in the USA, Ontonix develops
OntoSpace™, the World’s first system which allows one to actually measure and manage the complexity
of a business or a dynamic process. OntoSpace™ is an unusual and first-of-a-kind system which helps view
business strategy and management from a radically innovative perspective. Our technology not only shows
how excessive complexity is the source of risk, it has enabled us to devise a new theory of risk.
Tracking Complexity with OntoSpace™
OntoSpace™ 2009 sets new standards as far as Advanced BI-CPM and Diagnosis are concerned. What
managers and decision makers have lacked in the past was a single indicator that would reflect the state of
health of a business or an organization in a holistic fashion. Today, complexity provides such an index. The
power of OntoSpace™ lies in its ability to unveil non-intuitive behaviour of systems. As the complexity of a
system increases, the system can behave in an increasingly large number of unexpected ways, leading to
higher risk exposure.
This is precisely why complexity management establishes a radically innovative way to look at risk.
When can OntoSpace™ help?
Advanced Risk Management
Risk rating (credit, financial operating)
Business Intelligence and Corporate Performance Management (BI-CPM)
Financial & forensic audits
Asset management
Portfolio diversification
Stock market monitoring and diagnosis
Medicine, patient monitoring & diagnosis
Social and political studies
Industrial process monitoring
Defence, Homeland Security
Conflict and crisis anticipation, identification of failing states
IT & comm's system monitoring
Air traffic monitoring & diagnosis
Engineering
OntoDyn™ is a specific product for customer-retention analysis at banks or insurance companies. It processes
batches of customers and measures their stability, signalling those that may be at risk of being lost. The
driving idea behind OntoDyn™ is to provide an early-warning system on a weekly/monthly basis. The kind of
analysis that OntoDyn™ performs is unique in that it measures the stability of each client over a given
period of time. Clients with a low value of stability are indicated as those at risk of being lost.
Ontonix also offers an innovative on-line self-rating capability, OntoNet™, which allows one to perform a
near real-time check of the state-of-health of a given business process. The on-line service is easy to use
and produces intuitive Complexity & Risk Maps™ which help pinpoint the sources of complexity and fragility for
virtually any kind of business. The solution breaks new grounds and allows corporations to go beyond VAR,
conventional risk assessment, rating and management. With the Internet as the backbone of this global
service, our goal is to deliver complexity management to every corner of the economy, helping our customers
cope better with our turbulent times.
Ontonix is strongly committed to innovation and inter-disciplinary R&D. The company's underlying philosophy
is to research and identify the dynamic patterns occurring in Nature which manifest themselves in diverse and
often disjointed fields. This is done without resorting to traditional mathematical modelling techniques and
using the concept of complexity as a bridge between disciplines. As a result, we are able to quickly transfer
knowledge from one discipline to another without distortion and with a remarkable multiplier effect.