Recently, large corporations have been a hot topic of conversation. For instance, consider yesterday’s headlines, “A breach of credit and debit card data at discount retailer Target,” may have affected as many as 40 million shoppers. According to Ponemon Institute, a data breach incident costs U.S. companies $188 per compromised customer record. This gives the Target breach an estimated cost of over $8 million. Without an adequate ERM monitoring system in place to manage risk, Target may face fines from federal agencies like the SEC for negligence. Rather than dwell on recent events, corporations, like Target, can in fact move forward and overcome future setbacks.
How can corporations prevent losses and manifestations of risk?
The LogicManager Analyst Team contends, tomorrow’s surprises are known and foreseeable. The proliferation of technology has resulted in easily accessed data trails (i.e. email). Inevitably, 6 weeks down the road, the root cause of risk will be not only known, but well documented at lower levels of the organization.
With an enterprise risk management process and an ERM software, the risk would have been documented and assessed in a way that provided transparency to upper management. In turn, upper management then is afforded time and opportunity to take action. An ERM software system can enable a corporation to mitigate inevitable penalties and law suits that follow breaches. Target is not alone, according RIMS, 94% of corporate America have only ad-hoc or initial processes in place to monitor and prevent risks from materializing.
The steps to enterprise risk management success are known and repeatable, but with so much going on with the day-to-day activities of organizations, a software system is required in order to prioritize and elevate risks. For large organizations, ERM software system would have cost less than a fraction of the penalty, fines, and lawsuits associated with events such as credit breaches. In our interconnected world, where multiple departments are involved in the identification and mitigation of a risk, ERM software is a necessity for risk managers to do their jobs effectively.
 2013 Cost of a Data Breach Study, Untied States – Ponemon Institute. 06/13/13. Available here.