Governance, Risk, Compliance (GRC) and security consulting have caught everyone’s attention. If you are a business operating in today’s environment, everyone in your enterprise is affected. The small merchant who accepts the consumer’s credit card, or the large multinational corporation processing 10’s of millions of credit card transactions annually, is a potential target.
- Credit card information, account numbers and CVV’s
- Intellectual property, formulas and process flows
- Physical facilities including data centers, distribution and retail operations
- Internal information about customers, what they buy and annual sales
- Access to internal information, sales proposals and internal company confidential documents
- Personally identifiable information, medical information or customer financial histories with private banking information
If you collect any of the above, your business is responsible for securing these against inadvertent disclosure, theft or malicious intrusion. What about a disaster that has a profound impact on the way you do business? You have insurance of course, but can you provide what the insurance company will request to process a loss claim based on your due diligence procedures?
What are the major factors that impact business risk?
Running a business is a difficult proposition. Dealing with people who sometimes don’t understand what they are required to do and are not fully engaged, jeopardizes the confidence in your products or services. Those individuals can destroy your brand reputation overnight and are issues that have a large impact on everyone within the enterprise.
Dealing with technology that doesn’t meet expectations can become an obstacle that impedes the ability to satisfy the expectations and objectives of a business decision. The industry sometimes lacks the clarity to separate fact from marketing, leading to even more painful decisions that eventually impact the bottom line.
PROCESSES AND FACILITIES –
Understanding the complexity of a business process requires a fair amount of effort to document and educate everyone involved. Documentation, training and business awareness do become victims because they do not directly contribute to the production of revenue, and can be seen as excess and overhead. Striking the appropriate balance is a challenge with consequences.
Is it easier to run without discipline and specific direction, calling it “lean and mean”? Knowledge without experience is reckless. Wisdom is knowledge refined through experience and lessons learned.
Choose wisely, seeking a balance between knowledge and experience, fact and fiction, and ability with a proven track record.
(The) R.M. Pawnyk Corporation provides professional services that help companies understand their risks and cultures to run their businesses better. Among them, Disaster Recovery / Business Continuity processes and Enterprise Security, should encompass a holistic view of your facilities and information technologies.
Change is the norm. New business models brought about through acquisition or merger, risks in the economic environments or shifts in the marketplace can shake the foundations of your business. Can you quickly capture the intelligence you need to adapt to, and benefit from these changes while minimizing business risk? If not, you’re at a disadvantage. You need to have greater insight to seize greater market share, doing it profitability and securely.
Alumnus/a: Roman M. Pawnyk '70
9884 Forestview Drive