Lisa Peternel on Understanding Risk Management for Businesses

In business, it’s imperative that leaders know what threats exist with potential to disrupt business operations. There should also be plans in place for the oversight of all current and emerging risks. Three of the most common risks faced by organizations today are related to operations, technology and cybersecurity.

Operational Risk

Operational risk is defined as, “the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.” There are three levels of operational risk management. In-depth risk management is used prior to project implementation. This is when there’s plenty of time to plan and prepare. Deliberate risk management is done routinely throughout a project’s implementation. This could include quality assurance, performance reviews and safety checks. Time critical risk management is used during task execution when a high degree of situational awareness is necessary. If the in-depth and deliberate risk management is properly done, this can make time critical risk management a much smoother process.

Technology Risk

Technology Risk is the potential for losses due to technology failures. For example, this could be seen in an ecommerce website crashing, resulting in lost revenue. For trading companies, it could be a faulty algorithm that results in losses due to illogical trades. Any company that uses technology is at risk for technology issues. The key is to anticipate them in advance and have a system in place for instances where risk needs to be managed.

Cybersecurity Risk

Cybersecurity risk is the possibility of a breach in security via technology avenues. This could be a data breach or cyber attack on your organization. Businesses today are becoming increasingly reliant on computers, programs and networks, making them more vulnerable to cyber threats if their data isn’t sufficiently protected. IT risk management needs to be complemented by sophisticated cyber security measures for efficient cybersecurity risk management. Risk assessments and mitigation strategies need to be a priority, and a response plan should be in place in the event that a breach or other cyber attack does occur.

To effectively manage all types of risk, companies should hire a subject matter expert who can effectively influence change across the organization. That leader should then directly engage with the appropriate personnel to ensure the installation of a company culture of strong risk management.

Lisa Peternel is a results-oriented operational and information technology risk management executive with over 25 years of experience. She has a proven track record managing operational, technology and cybersecurity risk for multinational firms. Lisa

Lisa E. Peternel, Operational Risk Management Expert, on Understanding Risk Management for Businesses

Peternel is currently the owner of Operational Risk & Cybersecurity Solutions, LLC.