Risk Management Planning: A Systematic Approach

Posted by Margo Barr on Apr 20, 2021 7:45:00 AM

If you don’t invest in risk management, it doesn’t matter what business you’re in, it’s a risky business. - Gary Cohn, American Business Leader IBM

2020 taught us two distinct things: organizations are capable of adapting to monumental change, and identifying and eliminating risks must be a central focus for survival. A risk management plan does not need to be extensive and complex. It does, however, need to be approached with a proactive mindset rather than a reactive one.


COVID-19 and Problem-Solving Skills

Posted by Shankar Anant on Apr 9, 2020 8:46:00 AM

COVID-19 has brought the world to its knees! For most people in the world, daily life has been disrupted in an unprecedented way. Besides the awful toll on human life, job losses, business failures, etc. are now becoming more prevalent. The impact on the global economy has barely begun to be measured.


COVID-19 Risk Mitigation Checklist

Posted by Mary Hallock on Apr 8, 2020 3:19:27 PM

You shouldn’t wait until an employee is exposed to or tests positive for the COVID-19 virus. Rather, you should create a facilities plan that will help keep your employees as safe as possible.

Here are some things to consider as you develop your plan:


Four Key Elements of an Effective Risk Management Program

Posted by John Remsey on Apr 6, 2020 7:30:00 AM

Co-authored by IMEC Technical Specialists John Remsey, Ken Wunderlich, and Hanoz Umrigar.

Risk, viewed as exposure to a negative event, is a very broad and commonly used term. From the insurance industry to medical services to business operations, “Risk” is deeply ingrained in common vocabulary. With the recent global events, the question frequently being asked is how to effectively evaluate and manage risk when it seems that nearly everything is at risk.


Mitigating Risk in Virtual World

Posted by Ken Wunderlich on Mar 26, 2020 8:39:40 AM

Every organization has some level of risk that can impact the organization. Regardless of whether you have a formal quality management system or must meet regimented regulations, leadership, as well as additional stakeholders, have a particularly vested interest in identifying and planning for all potential risks to an organization. The National Institute of Standards and Technology (NIST) has created a guide for conducting risk assessments. Regardless of the technology, the establishment of a standard approach is key.


Preventing Eavesdropping and Protecting Privacy on Virtual Meetings

Posted by IMEC on Mar 19, 2020 1:29:06 PM

This is an original NIST Cybersecurity Insights blog post, written by Jeff Greene.

Conference calls and web meetings—virtual meetings—are a constant of modern work. And while many of us have become security-conscious in our online interactions, virtual meeting security is often an afterthought, at most. Who hasn’t been finishing one call when attendees of the next call start joining – because the access code is the same? In the moment it may be annoying, or even humorous, but imagine if you were discussing sensitive corporate (or personal) information. Unfortunately, if virtual meetings are not set up correctly, former coworkers, disgruntled employees, or hackers might be able to eavesdrop. Using some basic precautions can help ensure that your meetings are an opportunity to collaborate and work effectively – and not the genesis of a data breach or other embarrassing and costly security or privacy incident.


Considerations for Effective Risk Management

Posted by IMEC on Sep 26, 2019 12:06:59 PM

This is an original article written by Dan Brown, President of DB Performance Solutions.

Why Risk Matters

In business, “RISK” is a scary word. We have risks if we move forward and risks if we remain still. No matter what industry you are in, you are guaranteed to run into risks. As a business leader, how do you know when to take a risk and when not to take a risk? The answer is pretty straightforward - analyze and then manage your risks - which is certainly easier said than done!


Are Your Customers Requiring you to Use ISO Standards?

Posted by Simone Erskine on Jun 14, 2019 10:33:10 AM

This is a guest blog, written by Alec Alessandra, M.B.A., former John Deere Executive, former IMEC Board Member, and Senior Strategist of Strategic Impact Partners, and Robert Pojasek, Ph.D., Senior Strategist of Strategic Impact Partners.

Many small and medium-sized supplier organizations are receiving notices from their larger sourcing customers to implement a variety of different international standards at their facilities. These standards could include:

  • ISO 9001:2015 (for quality)
  • ISO 14001:2015 (for the environment)
  • ISO 31000:2018 (regarding risk management)
  • ISO 45001:2018 (covering health and safety)
  • ISO 50001:2018 (covering energy management)
  • The Ethical Trading Initiative Program

5 Questions to Ask Your Cybersecurity Professional

Posted by Simone Erskine on Oct 18, 2018 12:41:37 PM

This is an original article by Kathleen Martin, MEP's IT Security Officer and a Certified Information System Security Professional.

Almost weekly we hear about another company or organization that has fallen victim to a cyber-attack. We know cybercriminals are more persistent and we need to be more diligent about protecting information.


Where Are Cybersecurity Threats Coming From?

Posted by Cytellix on Feb 20, 2018 9:07:00 AM

Written by Cytellix - an IMEC cybersecurity partner

There has been a lot of recent news and discussion about several malware variants that have been defined as ransomware attacks. There are and have been other damaging malware attacks, but ransomware popularity is currently very well publicized.

Ransomware attacks are not simple but are commonplace in the market today. These attacks typically find their way into an organization through social engineering. To be more specific, the malware is embedded in an attachment as an executable. There are several outcomes from ransomware that we have seen thus far. In one, an individual machine is encrypted, the attacker holds the decryption key for ransom, and payment in “Bitcoin” is requested to decrypt the machine in question. The nastier variants can traverse from machine to machine through the network, creating a systemwide infection. This attack causes severe networkwide shutdowns, forcing an organization to recover through more significant ransom payments or, if the company was prepared, through backup remediation steps.

