The white paper discusses the risks associated with "make" versus "buy" decisions for businesses. It outlines several risks involved with manufacturing internally ("make") like maintaining infrastructure and dealing with supply chain issues. For outsourcing ("buy"), the risks include complexity in supplier relationships and procurement challenges. The paper then introduces the SCRAY (Supply Chain Risk Assessment and Yield) model and platform that businesses can use to identify, measure, and manage risks across their entire supply chain from suppliers to customers. Implementing this three-tiered approach through customized tools and services can help companies gain visibility into risks and make more informed decisions.
Xavier Marguinaud, Underwriting Manager - Cyber at Tokio Marine HCC, contributes on Strategies to minimise loss and damage in Corporate Livewire Cyber Security & Data Protection Expert Guide, published in December 2017
How To Present Cyber Security To Senior Management Complete DeckSlideTeam
This template is useful in presenting cybersecurity plan to higher authority. Cybersecurity officer will present it to top level management. It will help in determining the roles and responsibilities of senior management and executives who are responsible in handling risks. Firm will also optimize its cybersecurity risk framework. Firm will assess the current concerns that are impeding cybersecurity in terms of increase in cybercrimes, data breach and exposure and amount spent on settlements. It will also analyze firm its current cybersecurity framework. Firm will categorize various risk and will assess them on parameters such as risk likelihood and severity. The IT department will also improve their incident handling mechanism. Cybersecurity contingency plan will be initiated by firm. In this plan, firm will build an alternate site for backup maintenance. Backup site selection will be done by keeping certain parameters into consideration such as cost for implementation, duration, location, etc. The other plan essentials include business impact assessment, vital record maintenance, recovery task list maintenance, etc. The template also includes information regarding the role of personnel in terms of role and responsibilities of line managers, senior managers and executives in risk management. It also includes information related to the role of top management in ensuring effective information security governance. The information regarding the budget required for the cybersecurity plan implementation is also provided with staff training cost. https://bit.ly/35YJ5W9
Resilient Supply Chains: How to Dynamically Manage Risk, Opportunity, and Bus...IHS
Supply chain disruptions are occurring at an alarming rate. An unrelenting barrage of man-made risk and natural disasters has made a profound and highly-visible impact on many global operations. Despite immediate attention on short term recovery, companies affected experience sustained, long-term impacts to share price, shareholder value, and operating performance.
Companies can no longer afford to be unprepared for the inevitability of disruption. As simple players within large, globally-integrated supply chains, they must become resilient to the volatile factors threatening sustained performance. And, resilience will only be achieved when companies master the ability to sense and respond to changes -- before they occur.
Join this 1-hour webcast where IHS experts will discuss supply chain risk and outline the importance of becoming resilient:
Who is at risk from supply chain disruption?
What does it mean to be resilient?
Where do traditional approaches to risk fail?
Why are leaders re-tooling their super-lean supply chains?
How can your organization sense and respond to change?
A recording of this presentation can be viewed here: http://www.slideshare.net/ihs_supplychain/resilient-supply-chains-how-to-dynamically-manage-risk-opportunity-and-business-continuity-25924392
6 Pitfalls when Implementing Enterprise Risk ManagementPECB
This webinar covers seven common pitfalls faced when establishing enterprise risk management. Also, it conveys the commitment necessary for the proper implementation in order to achieve organizational objectives over time.
Main points covered:
Major drawbacks in Enterprise Risk Management
• Weak tone at the top
• Focusing on issues instead of risks
• Not embedding ERM within business
• Not rethinking perspective towards risk
• Unidimensional risk evaluation
• Vague risk responses
Presenter:
Shady Hallab is an Experienced Manager at PricewaterhouseCoopers LLP in Montreal. He focuses mainly on managing and directing enterprise risk management programs and acts as a risk advisor for evaluating and recommending risk solution best practices for a wide range of private, public and government organizations.
Link of the recorded session published on YouTube: https://youtu.be/GRj_GdIqIo4
Xavier Marguinaud, Underwriting Manager - Cyber at Tokio Marine HCC, contributes on Strategies to minimise loss and damage in Corporate Livewire Cyber Security & Data Protection Expert Guide, published in December 2017
How To Present Cyber Security To Senior Management Complete DeckSlideTeam
This template is useful in presenting cybersecurity plan to higher authority. Cybersecurity officer will present it to top level management. It will help in determining the roles and responsibilities of senior management and executives who are responsible in handling risks. Firm will also optimize its cybersecurity risk framework. Firm will assess the current concerns that are impeding cybersecurity in terms of increase in cybercrimes, data breach and exposure and amount spent on settlements. It will also analyze firm its current cybersecurity framework. Firm will categorize various risk and will assess them on parameters such as risk likelihood and severity. The IT department will also improve their incident handling mechanism. Cybersecurity contingency plan will be initiated by firm. In this plan, firm will build an alternate site for backup maintenance. Backup site selection will be done by keeping certain parameters into consideration such as cost for implementation, duration, location, etc. The other plan essentials include business impact assessment, vital record maintenance, recovery task list maintenance, etc. The template also includes information regarding the role of personnel in terms of role and responsibilities of line managers, senior managers and executives in risk management. It also includes information related to the role of top management in ensuring effective information security governance. The information regarding the budget required for the cybersecurity plan implementation is also provided with staff training cost. https://bit.ly/35YJ5W9
Resilient Supply Chains: How to Dynamically Manage Risk, Opportunity, and Bus...IHS
Supply chain disruptions are occurring at an alarming rate. An unrelenting barrage of man-made risk and natural disasters has made a profound and highly-visible impact on many global operations. Despite immediate attention on short term recovery, companies affected experience sustained, long-term impacts to share price, shareholder value, and operating performance.
Companies can no longer afford to be unprepared for the inevitability of disruption. As simple players within large, globally-integrated supply chains, they must become resilient to the volatile factors threatening sustained performance. And, resilience will only be achieved when companies master the ability to sense and respond to changes -- before they occur.
Join this 1-hour webcast where IHS experts will discuss supply chain risk and outline the importance of becoming resilient:
Who is at risk from supply chain disruption?
What does it mean to be resilient?
Where do traditional approaches to risk fail?
Why are leaders re-tooling their super-lean supply chains?
How can your organization sense and respond to change?
A recording of this presentation can be viewed here: http://www.slideshare.net/ihs_supplychain/resilient-supply-chains-how-to-dynamically-manage-risk-opportunity-and-business-continuity-25924392
6 Pitfalls when Implementing Enterprise Risk ManagementPECB
This webinar covers seven common pitfalls faced when establishing enterprise risk management. Also, it conveys the commitment necessary for the proper implementation in order to achieve organizational objectives over time.
Main points covered:
Major drawbacks in Enterprise Risk Management
• Weak tone at the top
• Focusing on issues instead of risks
• Not embedding ERM within business
• Not rethinking perspective towards risk
• Unidimensional risk evaluation
• Vague risk responses
Presenter:
Shady Hallab is an Experienced Manager at PricewaterhouseCoopers LLP in Montreal. He focuses mainly on managing and directing enterprise risk management programs and acts as a risk advisor for evaluating and recommending risk solution best practices for a wide range of private, public and government organizations.
Link of the recorded session published on YouTube: https://youtu.be/GRj_GdIqIo4
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)NAFCU Services Corporation
“Many firms have made progress in developing their risk appetite frameworks and have
begun multiyear projects to improve the supporting IT infrastructure,” said David M.
Wallace, Global Financial Services Marketing Manager at SAS. “As a provider of risk
solutions, we have seen much more interest over the past three years in firms looking to
have additional technology to support a firmwide view of risk exposures. Learn more at: www.nafcu.org/sas
Top 5 secrets to successfully jumpstarting your cyber-risk programPriyanka Aash
Businesses like Autodesk understand that cyber-risk management is essential, but they often don’t know where to begin. Autodesk implemented a cyber-risk framework in six months by using Agile software development, risk modeling and risk quantification. This session will explore the company’s success secrets and offers advice on how security leaders can jumpstart their cyber-risk program.
(Source : RSA Conference USA 2017)
Designing and maintaining an effective AML compliance program has proven to be a challenge for many organizations.
A good AML program covers the areas of governance, management, assurance, and monitoring needed to establish an effective and holistic view of their AML requirements.
Corporater’s AML solution enables you to holistically govern, manage, and assure your AML program across the three lines of defense. Learn more – http://bit.ly/2NmChwF
How To Handle Cybersecurity Risk Powerpoint Presentation SlidesSlideTeam
"You can download this product from SlideTeam.net"
Presenting How To Handle Cybersecurity Risk Powerpoint Presentation Slides. This complete PPT deck is composed of 55 visually-stunning templates. Build a presentation faster using our 100% customizable PowerPoint slideshow. Edit text, font, colors, orientation, shapes, background, and patterns however you choose. Change the file format into PDF, PNG, or JPG as and when convenient. This presentation works well with standard and widescreen resolutions. Use Google Slides for a quick view. https://bit.ly/3woGCUj
Underinsurance of property risks1 is a global challenge. Much of the protection gap is due to uninsured global natural catastrophe risk, which has been rising steadily over the past 40 years
Accenture 2015: Global Risk Management Study - North American Insurance ReportAccenture Insurance
Attitudes towards insurance risk management have evolved tremendously over the past decade, moving from a regulatory-focused strategy to the building of a mature, value-centric risk strategy.
Accenture's 2015 North American Insurance Risk Management Study is an extension of our popular global risk survey and explores how U.S. and Canadian CROs are positioning risk within their enterprises and what issues and trends they are facing.
Protecting pastoralists against mortality losses due to severe forage scarcityILRI
Presented by Andrew Mude at the Workshop on The Future of Pastoralism in Africa: International Conference to Debate Research Findings and Policy Options, Addis Ababa, 21-23 March 2011.
This presentation features the Risk Analysis Module of the Social Enterprise Learning Toolkit developed by Enterprising Non-Profits. The Toolkit offers a number of different learning modules and can be found on the enp website at www.enterprisingnonprofits.ca
Security & Risk are TWO sides of the same coin. The Risk side touted as GRC is the opposite of i3S (Integrated Safety, Security & Surveillance). Even Homeland Security could learn something from us.
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)NAFCU Services Corporation
“Many firms have made progress in developing their risk appetite frameworks and have
begun multiyear projects to improve the supporting IT infrastructure,” said David M.
Wallace, Global Financial Services Marketing Manager at SAS. “As a provider of risk
solutions, we have seen much more interest over the past three years in firms looking to
have additional technology to support a firmwide view of risk exposures. Learn more at: www.nafcu.org/sas
Top 5 secrets to successfully jumpstarting your cyber-risk programPriyanka Aash
Businesses like Autodesk understand that cyber-risk management is essential, but they often don’t know where to begin. Autodesk implemented a cyber-risk framework in six months by using Agile software development, risk modeling and risk quantification. This session will explore the company’s success secrets and offers advice on how security leaders can jumpstart their cyber-risk program.
(Source : RSA Conference USA 2017)
Designing and maintaining an effective AML compliance program has proven to be a challenge for many organizations.
A good AML program covers the areas of governance, management, assurance, and monitoring needed to establish an effective and holistic view of their AML requirements.
Corporater’s AML solution enables you to holistically govern, manage, and assure your AML program across the three lines of defense. Learn more – http://bit.ly/2NmChwF
How To Handle Cybersecurity Risk Powerpoint Presentation SlidesSlideTeam
"You can download this product from SlideTeam.net"
Presenting How To Handle Cybersecurity Risk Powerpoint Presentation Slides. This complete PPT deck is composed of 55 visually-stunning templates. Build a presentation faster using our 100% customizable PowerPoint slideshow. Edit text, font, colors, orientation, shapes, background, and patterns however you choose. Change the file format into PDF, PNG, or JPG as and when convenient. This presentation works well with standard and widescreen resolutions. Use Google Slides for a quick view. https://bit.ly/3woGCUj
Underinsurance of property risks1 is a global challenge. Much of the protection gap is due to uninsured global natural catastrophe risk, which has been rising steadily over the past 40 years
Accenture 2015: Global Risk Management Study - North American Insurance ReportAccenture Insurance
Attitudes towards insurance risk management have evolved tremendously over the past decade, moving from a regulatory-focused strategy to the building of a mature, value-centric risk strategy.
Accenture's 2015 North American Insurance Risk Management Study is an extension of our popular global risk survey and explores how U.S. and Canadian CROs are positioning risk within their enterprises and what issues and trends they are facing.
Protecting pastoralists against mortality losses due to severe forage scarcityILRI
Presented by Andrew Mude at the Workshop on The Future of Pastoralism in Africa: International Conference to Debate Research Findings and Policy Options, Addis Ababa, 21-23 March 2011.
This presentation features the Risk Analysis Module of the Social Enterprise Learning Toolkit developed by Enterprising Non-Profits. The Toolkit offers a number of different learning modules and can be found on the enp website at www.enterprisingnonprofits.ca
Security & Risk are TWO sides of the same coin. The Risk side touted as GRC is the opposite of i3S (Integrated Safety, Security & Surveillance). Even Homeland Security could learn something from us.
5th generation training is an SBT. 1st you had user & technical manuals. 2nd you had overhead and slide projectors. Then came VHS NTSC and PAL video based training. 4th came CBT (Computer Based Training) supplied on CDs and DVD's. The 5th is on a hard-disk deployed integrated into the cloud online with controlled access to free, paid-for OR allowed groups only.
Cloud backend for a LARGE network of Smartphones and TabletsEdgevalue
Whether cloud, Subscription as a Service, Platform as a Service or Subscription if you need to have good a back-end servers, platform to delivery on millions of devices that need to be integrated in real-time.
Assess people correctly, early and regularly. Use tools, appraisal systems, some profiling is inevitable. Bring advertising demographics, psychographics into play. Competency Mapping, Metrics and Gaps are integral to People Development.
eGovernance the way it needs to be done. You need a think-tank and a thinker to moderate and facilitate it. handle the multiple stakeholders, short term, medium term and longer term vision keeping in mind budgets and resource constraints.
An integrated and holistic approach to a lifelong teaching and learning practice for anyone. Formal, informal, fun, media, entertainment, business or a lifestyle.
Top 10 Interview Questions for Risk Analyst.pptxinfosec train
A Risk Analyst is in charge of reviewing and examining an organization's investment portfolio to ensure that the risk is acceptable in light of the company's commercial and financial goals.
https://www.infosectrain.com/courses/crisc-certification-training/
Six Crucial Steps for Insurance Companies to Excel in Risk Management360factors
The emerging cyber insurance industry has a unique chance to differentiate itself by correctly measuring risk and assisting clients to improve their cybersecurity coverage, decreasing their risk profile. Insurance and risk management are inextricably linked. Although insurance supplements risk management efforts for businesses, sound risk management is critical to an insurance firm’s survival.
For more details: https://bit.ly/41wgVPa
Vendor Cybersecurity Governance: Scaling the riskSarah Clarke
An overview of the scale of the challenge and rational ways to cut that down to manageable and governable size. Slides compliment recent supplier security governance related posts on Infospectives.co.uk and LinkedIn.
How close is your organization to being breached | Safe SecurityRahul Tyagi
Traditional methods are certainly limited in
their capabilities and this is easily proven by
the multitude of breaches businesses were a
victim of, across the globe. The 2020 Q3 Data
Breach QuickView Report revealed that the
number of records exposed in 2020 has
increased to 36 billion globally. The report
stated that there were 2,953 publicly
reported breaches in the first three quarters
of 2020 itself! 2020 is already named the
“worst year on record” by the end of Q2 in
terms of the total number of records
exposed. With the growing sophistication of
cyber-attacks and global damages related
to cybercrime reaching $6 trillion by 2021, we
need a solution that simplifies
cybersecurity.
To know more about breach probability visit : www.safe.security
Risk & Advisory Services: Quarterly Risk Advisor May 2016CBIZ, Inc.
This issue includes the following articles: 1) 3 Questions Every Board Needs to Ask About Enterprise Risks 2) 3 Ways to Improve Your Credit Card and Data Security 3) 5 Major Risks Construction Project Owners Face
What Small Business Can Do To Protect Themselves Now in CybersecurityReading Works Detroit
On October 16, Daniel Cherrin spoke at the Wall Street Journal PRO Cybersecurity Small Business Academy at the Monarch Beach Resort in Dana Park, California. You can find an excerpt from his remarks on Incident Response on a Budget at http://www.northcoaststrategies.com/blog/steps-you-can-take-now-to-prepare-for-the-next-data-breach-that-wont-cost-a-lot-of-money.
As if IT security didn’t have enough issues to contend with, it now has another. And,it’s a troublesome one...mitigating the risk of repelling customers because security defenses make your company unattractive or too hard to do business with. In this age of the customer – who wants everything available on every device from everywhere all the time – IT security is at risk of hurting the very business it is charged with protecting.
Assess people correctly, early and regularly. Use tools, appraisal systems, some profiling is inevitable. Bring advertising demographics, psychographics into play. Competency Mapping, Metrics and Gaps are integral to People Development.
With all the focus on Healthcare. Lowering costs, Out-sourcing. Generic drugs. HL7 & HIPAA getting the bigger picture and ensuring SOCIAL and BUSINESS needs are merged is important. Corporate Social Responsibility, Ethics, Values, Transparency ALONG with Business, Revenue, Profit, Patents, Trade-secrets & IPR.
Remote sensing and monitoring are changing the mining industry for the better. These are providing innovative solutions to long-standing challenges. Those related to exploration, extraction, and overall environmental management by mining technology companies Odisha. These technologies make use of satellite imaging, aerial photography and sensors to collect data that might be inaccessible or from hazardous locations. With the use of this technology, mining operations are becoming increasingly efficient. Let us gain more insight into the key aspects associated with remote sensing and monitoring when it comes to mining.
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...BBPMedia1
Grote partijen zijn al een tijdje onderweg met retail media. Ondertussen worden in dit domein ook de kansen zichtbaar voor andere spelers in de markt. Maar met die kansen ontstaan ook vragen: Zelf retail media worden of erop adverteren? In welke fase van de funnel past het en hoe integreer je het in een mediaplan? Wat is nu precies het verschil met marketplaces en Programmatic ads? In dit half uur beslechten we de dilemma's en krijg je antwoorden op wanneer het voor jou tijd is om de volgende stap te zetten.
Business Valuation Principles for EntrepreneursBen Wann
This insightful presentation is designed to equip entrepreneurs with the essential knowledge and tools needed to accurately value their businesses. Understanding business valuation is crucial for making informed decisions, whether you're seeking investment, planning to sell, or simply want to gauge your company's worth.
Affordable Stationery Printing Services in Jaipur | Navpack n PrintNavpack & Print
Looking for professional printing services in Jaipur? Navpack n Print offers high-quality and affordable stationery printing for all your business needs. Stand out with custom stationery designs and fast turnaround times. Contact us today for a quote!
As a business owner in Delaware, staying on top of your tax obligations is paramount, especially with the annual deadline for Delaware Franchise Tax looming on March 1. One such obligation is the annual Delaware Franchise Tax, which serves as a crucial requirement for maintaining your company’s legal standing within the state. While the prospect of handling tax matters may seem daunting, rest assured that the process can be straightforward with the right guidance. In this comprehensive guide, we’ll walk you through the steps of filing your Delaware Franchise Tax and provide insights to help you navigate the process effectively.
Putting the SPARK into Virtual Training.pptxCynthia Clay
This 60-minute webinar, sponsored by Adobe, was delivered for the Training Mag Network. It explored the five elements of SPARK: Storytelling, Purpose, Action, Relationships, and Kudos. Knowing how to tell a well-structured story is key to building long-term memory. Stating a clear purpose that doesn't take away from the discovery learning process is critical. Ensuring that people move from theory to practical application is imperative. Creating strong social learning is the key to commitment and engagement. Validating and affirming participants' comments is the way to create a positive learning environment.
Improving profitability for small businessBen Wann
In this comprehensive presentation, we will explore strategies and practical tips for enhancing profitability in small businesses. Tailored to meet the unique challenges faced by small enterprises, this session covers various aspects that directly impact the bottom line. Attendees will learn how to optimize operational efficiency, manage expenses, and increase revenue through innovative marketing and customer engagement techniques.
Taurus Zodiac Sign_ Personality Traits and Sign Dates.pptxmy Pandit
Explore the world of the Taurus zodiac sign. Learn about their stability, determination, and appreciation for beauty. Discover how Taureans' grounded nature and hardworking mindset define their unique personality.
Attending a job Interview for B1 and B2 Englsih learnersErika906060
It is a sample of an interview for a business english class for pre-intermediate and intermediate english students with emphasis on the speking ability.
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...BBPMedia1
Marvin neemt je in deze presentatie mee in de voordelen van non-endemic advertising op retail media netwerken. Hij brengt ook de uitdagingen in beeld die de markt op dit moment heeft op het gebied van retail media voor niet-leveranciers.
Retail media wordt gezien als het nieuwe advertising-medium en ook mediabureaus richten massaal retail media-afdelingen op. Merken die niet in de betreffende winkel liggen staan ook nog niet in de rij om op de retail media netwerken te adverteren. Marvin belicht de uitdagingen die er zijn om echt aansluiting te vinden op die markt van non-endemic advertising.
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
Riskpro SCRAY whitepaper
1. WHITE PAPER
Make or Buy
Since the dawn of the industrial era this is a question that should remain upper-
most in the decision-making of every successful business venture. The
underlying and overlying factor between ‘make’ or ‘buy’ is risk. Listing it.
Quantifying each. Qualifying each. Costing. Rating each. Ranking them. Regular
periodic maintenance. Decision Making based on currently acceptable ‘lower’ and
‘upper’ limits of risk aversion or appetite.
Take the USA for example. Decisions taken over time - and even now – decided
they would buy from China. Now it’s too late. You can’t ‘make’ anymore in the
USA. Had the US incorporated ‘risk’ as a national rating system – they would not
be in the mess they are in today.
‘Make’ Risks
Make implies internal infrastructure, capital intensive, plant & machinery, fixed
costs, raw materials, processing, value-addition, assembly, finished goods,
packaging, storage, distribution and the whole cycle of Supply Chain as OUR
problem, internally managed.
The list of risks across the Supply Chain can fill a DVD. We’ll come to this later.
‘Buy’ Risks
A decision to buy; at its base level implies Trading. Perhaps with no value-
addition. At a micro-level this could be just the knowledge of who has this and
protecting your sources. It could also imply bulk Buying, Stocking or Logistics
leverage. At an intermediate level there could be minimal to significant value-
addition in terms of assembly, cross-docking, processing, finishing or an
enormous range of ‘actual’ and ‘perceived’ benefits.
Essential difference between ‘Make’ and ‘Buy’ are an increased number of
Suppliers; complexity in range of just-in-time supply needs; Procurement ‘head-
aches’ that need to be constantly tracked.
2. ‘Buy’ is here to stay.
With the dominance of manufacturing by a few countries such as China, Korea,
Taiwan, India, Indonesia, Brazil, Russia, South Africa …
Out-sourcing is on the increase. Contract Manufacturing, Off-shoring,
Franchising, Vendor Managed Inventory, Consignment Sales, Managed Services,
Staff Augmentation, Consultants, Temps all implies a constant and regular
increase in the ‘Risk’ and exposure that any Government, State, Enterprise, Team
or Individual faces in every section of the Supply Chain. Whether up-stream or
down-stream.
With globalisation, cost-reduction, mass manufacturing, just-in-time inventory,
zero-based budgeting most manufacturing and service-delivery is being
consolidate in a few, large complexes. This is constantly increasing the cost and
complexity of Logistics. In-logistics, Out-logistics, Warehousing, Distribution,
Forecasting, Planning with ever increasing inherent risk.
Vendor Information Systems; Vendor Rating; Vendor Engagement are
paramount.
SCRAY
The Riskpro Supply Chain Rating And Yield (SCRAY) model allows you to build
a comprehensive, single-point, right-to-left, top-to-bottom, front-to-back system
that allows your to focus on and track and any risks related to ‘Make’ and/or
‘Buy’ whatever your Business or Industry. Services or Manufacturing or Agro.
Based. Aeronautics; Electronics; Defense; Energy Production, Transmission or
Distribution; Retail; Healthcare; Banking … anywhere where Vendors, Vendor
People-Bases; Vendor-Supplies; Customer-facing or Cash-handling exists.
Customers
Customers and Market Demand is what drives a Supply Chain in the first place.
Sales Forecasting. Product Specifications. Service Level Agreements. Pricing.
Demographics. Psychographics. Geography all play into significant ‘risks’ in the
SCRAY model.
3. The customer is king and Customers are very important to the Business. Your best
Customer gives you maximum revenue and the highest profit.
What if they go bust? What if they can’t or won’t pay? Where you caught un-
aware?
What is Risk?
'Risk' means different things in different industries to different people at different
times.
1. If you are insured then you don't have to worry about a thing.
2. It's fate. If its' meant to happen, it's going to happen, don't even think
about it.
3. Pray. Donate. Pilgrimage. Sacrifice. Be good ... risk won't happen.
4. It's the other side of the coin. If safe, secure and vigilant; there is no risk.
5. Governance, Risk and Compliance (GRC) are the 3-corners of a stable
Enterprise Tripod.
6. Integrated Safety, Security & Surveillance (i3S) will ensure that Risk is
minimized.
7. Risk is inevitable; it has to be managed. It has to be 'Identified', 'Measured'
and 'Managed'. However, it is qualitative and cannot be quantified.
8. Using a six-sigma paradigm, if you don’t measure it – you don’t know
anything about it. You have to start metrics and numbers about ‘Risk’.
The cost of not managing 'Risk'
1. It's an overhead. It's an un-necessary expense. No one plans for it. It was not
budgeted for. We can't afford it .... TILL SOMETHING HAPPENS!
2. The cost of litigation. Environment damages. Class action suits.
3. Force majeure events. Earthquakes. Volcanic eruption. Solar flare related
communications or Energy outages. Floods.
4. Political. Country-specific ‘leftist’ or ‘rightist’ governments that change laws
within 6 months from ‘favourable’ to ‘unfavourable’.
Possible Solution
1. The ostrich syndrome. (Put your head underground and there is no problem).
or pigeon syndrome (close your eyes the enemy is not there).
4. 2. Insurance. It solves most problems.
3. What if either/neither of the above is acceptable …
4. A first step is that an 'R %age' of your Revenue or Budget or EACH
PRODUCT or SERVICE ITEM must be allocated to Risk Management. The
'R' must be kept to a minimum; and must be included in everything that we are
talking about in this document
Action Steps
1. Add a ‘Risk’ Layer to your existing Vendor Information System.
2. Implement a Vendor Rating System.
3. Track your Vendor’s Financials annually. Track your Vendor’s Liquidity on a
quarterly basis.
4. Since risk is inherently subjective having a qualitative measure and have a 3-
point, 4-point or 9-point degree of risk makes sense.
5. Link all ‘assets’ and ‘liabilities’ with a 3-tier structure to your ‘Revenue’,
‘Expenses’ and ‘Profit’ bottom-lines.
6. Do you track ‘incidents’ in your firm? What about an internal FIR (Police
First Information Report) kind of system within your Enterprise?
7. Is integrated Safety, Security & Surveillance under the same Management as
Governance, Risk & Compliance?
8. Is ‘physical’ security and ‘virtual’ security treated with equal importance,
competence and similar systems, methods, controls and checks and balances?
5. Our 3-tier approach
The single-point, one-off and first-of-its-kind People Risk Solution which we call
SCRAY (Supply Chain Risk Assessment & Yield) solution from Riskpro India
Ventures Pvt. Ltd. includes three broad components.
PART X : Model : SCRAY. A system, process, methodology, qualitative and
quantitative method to have a similar comparable concept across Industries but
specific to Manufacturing, Services or Agro. based. Typical to the model 20% of
customization mostly at the 3rd level allows Apples to Apples and Oranges to
Oranges comparison at an Individual, Enterprise, Group and Competitors level. It
is a part of ERM & ORM (Enterprise and Operational Risk Management, Internal
(or External) Audit. Just doing this better.
PART Y : Tool : With Vendors, Staff and Sourcing spread across the Globe,
within each Country and into far-flung growing & mining areas etc. Reach and a
collaborative collective portal Platform is of paramount importance. You have
user-bases that need to access the same data, information, reports and analytics
and track trends in risk increase. This is best done with our cloud based Platform.
Server-side software as a tool, enabler, safe, secure, private, integrity ensured for
each and all to use one ‘standard’ the SCRAY standard to Identify, Measure &
Manage Risk.
PART Z : Services : The Model + Tool requires People and Services to make
happen. You can do it yourself (DIY). Else you can out-source this to us as
Managed Services. You could take Staff from us part-time, first-time or on-going.
We could help you with this as your Internal (Or External Audit) Process.
Hosting, uptime, Service Levels, Business Continuity, integration with other
modules, IT inter-operability are all options that we have expertise in to remain
your one-stop-shop.
What we do
IDENTIFY MEASURE MANAGE