Tuesday, September 20, 2011

ERM-BC-COOP

Partial risk list

 

I was putting together a short version of my BBA and MBA-targeted presentation Risk Management - an introduction and I started thinking about risks - a/k/a threats - that a risk management practitioner would identify, but that a business continuity practitioner probably would consider "out of scope."

There are only 76, but the list hardly is "all-inclusive." An " * " by an entry indicates a risk I would expect a business continuity practitioner to identify.

  1. Acquisitions

  2. Alternate site options *

  3. Alternate site - short term

  4. Alternate site - long term

  5. Auditors

  6. B&D insurance

  7. Business interruption insurance *

  8. Changes (personnel, processes, product, etc.)

  9. Chemicals - for processes, cleaning

  10. Civic events

  11. Clients/Customers

  12. Competition

  13. Compliance - all areas (HR, product, supplies)

  14. Construction

  15. Copyright, trademark issues

  16. Discrimination in workplace

  17. Disabled and the ADA

  18. Documentation (government-required, processes, product, etc.)

  19. Employee travel

  20. Employee welfare *

  21. Ethics

  22. Evacuation/Sheltering policies

  23. Family issues (domestic violence, illnesses, death, etc.)

  24. Financial vendors

  25. Fire *

  26. Flood *

  27. Government - Federal

  28. Government - Local

  29. Government - State/Provincial

  30. Harassment of/by employees

  31. HazMat on site *

  32. HazMat off-site

  33. Hiring practices

  34. Hurricanes *

  35. Injuries (staff, visitors)

  36. Image (corporate, executives)

  37. Industrial espionage

  38. In-place sheltering site and policies (safety, food, legal issues)

  39. Internal communications *

  40. IT failure *

  41. Legal

  42. Loss of facility other than fire, flood (plane, satellite crash)

  43. Management

  44. Marketing (false claims, etc.)

  45. Media response *

  46. Neighbors

  47. Planning and Zoning *

  48. Policies & procedures

  49. Politics

  50. Public relations *

  51. Regulators

  52. Relocation - to/from alternate site

  53. Remote recovery conditions

  54. Secondary strikes

  55. Security - data *

  56. Security - facility (inside and outside)

  57. Security - intellectual property

  58. Social media

  59. Special interests (e.g., ADA)

  60. Stock and bond markets

  61. Succession

  62. Supplemental staffing (vetting)

  63. Telecommunications failure *

  64. Terrorism

  65. Tornados *

  66. Training - incorrect, incomplete

  67. Transportation *

  68. Utilities *

  69. Vendors *

  70. Vendors - post-event

  71. Vendors' vendors

  72. Web site

  73. Work actions *

  74. Work actions - government agencies (fire, police, Customs)

  75. Work actions - secondary (vendors, transportation, etc.)

  76. UBIQUITOUS "OTHER"

There always is a ubiquitous "other" that can be discovered during all-hands "What If" sessions. As this is written, Chicken Little's worst fears are coming to fruition - the sky is falling, or at least parts of a man-made satellite are bearing down the third planet from the sun. It can't be a "black swan" - or even a grey one - since you and I know about it.

PowerPoint short and long Risk Management presentations available to BBA and MBA programs.

If I wrote it, you may quote it.

Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)