Which Holiday Character Best Represents Your Risk Management Work?
Steven Minsky | Dec. 25, 2017
ENTERPRISE RISK MANAGEMENT – RUDOLPH
Santa Claus sat in his sleigh, filled with presents for children around the world, but the fog and snow were so thick that he couldn’t safely take flight. How was he going to guide his sleigh? Not only was the fog blinding vision, but obstacles of rooftops and snowflakes continually came up along the way. Luckily, along came Rudolph with a nose so bright he could lead the way! Rudolph guided the other reindeer and Santa from house to house, always looking for new barriers along the way and avoiding them with ease. As they flew into the night, Santa Claus exclaimed, “Merry Christmas to all, and to all a good night!”
Every organization has its own obstacles to face every day. Enterprise risk management helps identify those obstacles and find the best way to mitigate those risks before they happen. Just as Rudolph provided clarity through a snowy night sky, enterprise risk management provides clarity to the organization and the board of directors. Santa Claus had everything in place to achieve his goals (deliver his gifts!), but it still wouldn’t have been possible without the help of Rudolph! ERM uncovers critical risks across the enterprise and prevents surprises, whether they are a missed vendor contract renewal, a data breach, or a snowy December night sky.
AUDIT MANAGEMENT – MRS. CLAUS
Mrs. Claus dedicates her time throughout the whole year to plan and prepare for the holiday season. To get ready for the big Christmas night, Mrs. Claus tries out all her cookie recipes to get it just right, and makes the best hot chocolate in the North Pole. She spends her time keeping track of the elves, collecting toy inventory, and getting Santa Claus prepared for his travels. Without the help of Mrs. Claus, a successful Christmas night would not be possible!
Managing and tracking an audit universe can be a meticulous task in an organization, just like the planning and preparation for Christmas night. Sometimes, it might take a little tweaking (like an extra cup of sugar!) to get it just right. Luckily, ERM is there for the audit management team (or for the North Pole, Mrs. Claus!) to make it all possible through planning, support, and execution! Without audit management and ERM, your organization would not be where it is today, and without Mrs. Claus, Christmas could not be accomplished (and there definitely wouldn’t be delicious cookies on top of that!).
VENDOR MANAGEMENT – SANTA CLAUS
With a big, round belly, rosy cheeks, and a bit of soot on his beard, Santa Claus is the jolliest man around! He can be found helping the elves in the workshop or baking cookies with Mrs. Claus, but his most important job is making his list. Santa Claus is very diligent about who’s been naughty and who’s been nice – he doesn’t just make the list, he checks it twice!
Just like the work of Santa, a big part of work in vendor management is making a list and checking it twice! Santa knows who’s naughty and who’s nice, and vendor management software tells us that it’s not worth the risk to work with a vendor if we can’t be sure they’ll come through when we need them most!
COMPLIANCE MANAGEMENT – THE DREIDEL
To play, a group of people take turns spinning the dreidel. Depend upon which play side is facing up when it stops spinning, they either give or take game pieces from the pot. The best turn would be to get Gimel – which rewards you with everything in the pot!
Compliance management can often feel like a game of Dreidel. When compliance is not met, it’s like spinning and getting Shin – the company has to put a piece in the pot. But a spin on Gimel means the company is rewarded with everything in the pot! Fortunately, unlike Dreidel, risk-based compliance management isn’t based on luck, so if strong ERM processes are in place, the company will get Gimel every time!
IT GOVERNANCE & SECURITY – THE ELVES
The elves are the hardest workers in the North Pole. Not only do they spend each day building numerous toys, but they also need to keep up with all the new toys that come out each year! It all began with a wooden rocking horse, and now it’s a robotic rocking horse that does your chores for you. Every year the toys get more complex, but the elves are ready to adjust and make it happen.
IT governance and security changes every day. There are many levels and complexities to it, just like the toys in Santa’s Shop! Every year, new security threats surface, and companies must be agile and quick to adjust. If the elves don’t learn how to make the new toy quick enough, they won’t have enough in time for Christmas. Increasingly, the majority of products and services have technology embedded in them or rely on technology. If a company doesn’t stay up to date to protect themselves against new threats, they might experience a data breach, ransomware, hacking, or much worse. Luckily, the elves shift their approach and stay ahead of the new circumstances, and IT governance and security does the same.
BUSINESS CONTINUITY & DISASTER RECOVERY – FROSTY THE SNOWMAN
With a corncob pipe and a button nose, Frosty was the new best friend of many children! But as he ran around playing and laughing, Frosty knew it was only a matter of time before the weather got too warm and he would melt away. After a long day of playing, Frosty jumped on the train to the North Pole, declaring, “I’ll be back again someday!”
It’s easy for a company to get caught up in all the happy moments when business is going well, but without risk-based business continuity and disaster recovery plans, Frosty would have melted away. Frosty was enjoying playing with the children, and every company likes when business is improving, but when we forget to focus on what’s to come, disaster can strike without warning! Luckily, BC/DR teams are there with ERM plans in place to keep an organization moving forward, like a train to the North Pole.
FINANCIAL REPORTING (SOX, MAR) – DOMINICK THE DONKEY
Oh no! The reindeer can’t climb the hills of Italy. How will all the people have their gifts delivered? Luckily, Santa has a backup, and in comes Dominick the Donkey. With Jingle Bells around his feet, the Italian-speaking Dominick is able to navigate the changing terrain under his feet and bring gifts to all of Italy’s residents.
Financial reporting is complicated, and it takes a certain skillset to accomplish, just like the task of delivering gifts in Italy. Reindeer can’t climb the hills of Italy, but with ERM, Dominick the Donkey can! Through tracking operational activities, financial attestations, and accountability, an organization can navigate its way to success, just like Dominick can navigate his way, delivering gifts on-time and on-budget!
POLICY MANAGEMENT – THE GRINCH
The Grinch pushed the sleigh of toys to the top of Mount Crumpit. He had a plan – and that plan was to dump it! But what the Whos didn’t know was that he had really done them a favor. Waking up on Christmas without any toys meant the Whos came together and began to realize the true meaning of Christmas – each other.
Okay, so the Grinch gets a bad rap, but he wasn’t all bad – he helped everyone remember what’s important about the holiday season! The Grinch knows that by collecting all the toys, he will be able to show what is really significant about that day. Policy management includes maintaining and collecting portfolios of policies, procedures, and documents. Through all this work, important information is revealed about an organization with ERM. Perhaps it was a risk no one saw coming, or it was an opportunity that might have been missed, just like re-discovering the meaning of Christmas!
INCIDENT MANAGEMENT – THE GINGERBREAD MAN
With frosting eyes and buttons made of gumdrops, the Gingerbread Man jumped off the cookie sheet as he was removed from the oven. He ran and ran, dodging all obstacles that came his way. He escaped the old couple, the pig, the cow, and the horse as he continued on his journey.
Risk-based incident management helps you think critically about incidents by reporting, tracking, and identifying the root cause so they never come up again. This agility is crucial to organizational success, just like the Gingerbread Man’s ability to think critically, prioritize threats, and adjust to a changing environment during his escape. He had to be nimble and quick and on top of every move, just like the work in incident management with ERM.
Happy holidays from everyone at LogicManager. We wish you all a bright and happy new year!