Enterprise Approach to Risk,
Threats and Incidents
The dual events of "9/11" and "Enron" continue to reverberate among corporate board members and executive
management in the short-term. However, each of these events also poses serious long-term implications for corporations and their participating senior officials. In addition, these events come on top of an already aggressive societal movement demanding corporations to be more socially responsible, accountable, and transparent. Executives and board members are quickly coming to the realization that "business as usual" in the new millennium is no longer usual and that significant changes in approach and business practices are needed.
Certainly, there is now acknowledgement of the fact that corporations will have to devote more resources and effort in protecting the critical corporate assets: human, physical, information, and reputation. These assets are vulnerable to an incredibly wide variety of internal and external threats and risks, which if not quickly and accurately identified can wreak substantial havoc.
The successful prevention of any of these risks and threats by a corporation can help eliminate a wide range of very negative outcomes, including: accusations of negligence; significant business disruption; the media and politician spotlight; substantial jury awards or settlements; increased regulatory scrutiny; major embarrassment; and, even the potential of forced bankruptcy (i.e., Arthur Andersen).
The above list mentions just a few types of threats. But, if any one of these or other types of threats evolves into a real incident or public relations crisis, the corporation and individuals involved can suffer significant damage and harm. Second, in today's business climate of intense scrutiny and potential litigation, executives and board members will need to focus on multiple threat prevention. Third, the wide variety of risks indicates that multiple corporate departments (security, auditing, risk, compliance, ethics, human resources, facilities management, legal, environmental, information security, crisis/disaster management and safety) could be involved and negatively affected.
Successful prevention of multiple risks and threats by multiple departments entails utilizing a combination of a diverse set of tools, procedures, policies, and tactics. Most importantly, successful prevention starts with having a robust risk and threat identification capability
(i.e., an information technology solution) that accommodates multiple departments, professionals, facilities, and geographic locations. This type of information
technology solution is referred to as an Enterprise Incident System (EIS), able to handle any type or risk or threat, whether it is alleged, suspected or actual. An EIS program that is implemented enterprise-wide is the most basic foundation and tool for a successful and complete prevention program.
Both executives and board members recognize the importance of an EIS capability. The enterprise-wide
information technology solution is not a new concept for senior officials, since over the last decade they have invested millions in a variety of enterprise solutions for inventory, accounting, customer service, personnel, billing, requirements planning, etc. Not only are enterprise programs more cost effective than the alternative of having incompatible program solutions for each department, enterprise programs eliminate the independent and parochial "silos" of critical information that prevents a quick and accurate assessments, analysis and reporting of consolidated information. An EIS facilitates, rather than hinders, these critical characteristics that are paramount to an effective and timely risk reduction and threat prevention capability.
This is what Entegra's EIS solutions, Ki4 RRS and Ki4
QT, are about. Ki4 information technology solutions are the only full-fledged EIS applications available that
support enterprise-wide risk, threat and incident reporting; that supports multi-department investigation and action follow-up; and that supports enterprise issue and case management
is an Enterprise Incident System or EIS.
Ki4 is able to handle any type or risk or threat, whether it is alleged, suspected or actual. An EIS implemented enterprise-wide is the most basic foundation for a successful and complete
risk, threat, and incident prevention program.
|A sample list of risks and threats would include:
Threats to Executives
Unsafe Working Conditions