 |
An organization’s board of directors and its senior executives
has always been entrusted with significant responsibilities. Traditional
responsibilities include setting policy and strategic direction,
achieving acceptable operating results, overseeing organizational
development, protecting shareholder and other stakeholder interests,
and ensuring compliance with applicable codes of conduct and standards
of behavior.
The recent convergence of a number of factors has made the jobs
of these “C-suite” leaders even more challenging. These
factors include 1) compliance requirements with Sarbanes-Oxley
as well as industry-specific requirements for improved operating
controls and disclosures 2) court decisions which have found boards
and senior executives personally accountable when controls fail
and shareholder value is impaired; 3) increased reliance on digital
systems and technologies to perform essential corporate missions,
and the attendant cascading liabilities that may be caused due
to downtime and security breaches in such systems; and 4) increased
corporate vulnerabilities to risks due to the actions of external
entities.
This white paper provides background information on the above
factors and presents a unique framework to address these and other
significant concerns. The concerns are addressed in a manner focusing
upon the critical mission(s) of the organization, and are oriented
toward generating operational improvements. The approach utilizes
an orderly, three-phased process designed to ensure that:
- mission critical operations comprising the critical
mission(s) of the enterprise are identified, evaluated and improved
upon;
- the internal and external linkages, exposures and dependencies
related to the organization’s customer service and supply
chain are similarly addressed; and,
- the enterprise’s operating environment is examined to
identify current and emerging business improvement opportunities
and risk
management issues.
Competitive advantage is an expected outcome of this process.
Customers of all organizations are becoming increasingly sophisticated
when determining with whom they will deal. Many want to understand
the security programs, reliability and operational controls of
others upon whom they depend. They realize that any breakdowns
in their own service/supply chains, whether from internal or external
sources, may have resounding impacts upon others. Accordingly,
the recommendations contained herein will not only help to mitigate
risk and improve the organization that embraces them, but may improve
the perception of that organization by its customers and others
important to its success.
|
|
