A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance

  • 9h 35m
  • David Kaye, Julia Graham
  • Rothstein Associates
  • 2006

As business practices and sensitivities change, Business Continuity Management (BCM) is increasingly a central and crucial tool for the risk manager. Responses to the Bi-annual Risk Management and Risk Financing Survey by AON in 2005 amongst risk managers, insurance managers and finance directors of the United Kingdom’s top 1,000 organisations placed business continuity as the second most important risk issue that concerns them. The greatest concern, protection of the brand value, and others in their top ten, (1) loss of reputation, (4) product liability/tamper, (5) regulatory/legislation (6) physical damage, (8) terrorism, (9) corporate governance and (10) professional indemnity, are all commercial survival issues and key elements of continuity management.

The consequences of damage by a risk incident might not just be quantifiable initially in monetary terms, such as in the loss of valuable assets or by destructive levels of litigation. The consequences might involve the loss of life or valuable dependencies that are necessary for the organisation’s very survival. These include intellectual assets, brand values, regulatory approvals, legality, the confidence of its various stakeholders, and its ability to deliver urgent, contracted, products and services on time. Furthermore the consequence may be that the organisation has to step away from its marketplace for a period of time and give free reign to competitors to do lasting damage to the customer, supply or distributor base.

About the Authors

DAVID KAYE, FRSA FCII FBCI MIRM Chartered Insurer, has spent much of his working life resident, and with bottom-line responsibility, for multi-million-pound insurance and financial services businesses in the United Kingdom, Holland, Caribbean and the Far East. A two-year secondment to work with a Police Service reporting to the Chief Constable added further valuable and wide-ranging experiences.

Prior to becoming a management consultant, David was a Divisional Director within the multinational group of companies and carried the Group responsibility worldwide for operational risk and continuity planning. In this role David evaluated and managed risk, and also developed and exercised continuity plans. He was required on numerous occasions to implement those plans and lead the response following potentially business-destroying damage by IRA bombs, and by numerous other natural and manmade disasters around the world.

JULIA GRAHAM, FCII FBCI MIRM Chartered Insurer, worked in the insurance industry for 30 years in a variety of managerial roles including marketing, underwriting and operations. In the early 1990s she set up the first in-house Risk Management capability for the multi-national insurance company Royal Insurance. In 1996, following the Manchester bombing, Julia led the recovery team for the Royal Insurance business in Manchester, one of the most severely affected locations in Manchester and working environment for more than 600 employees.

.

Julia went on to become the Group Risk Manager for Royal & SunAlliance with global responsibility for operational and strategic risk. This role included the responsibility for establishing policy and good practice for business continuity management across the organisation. In addition to the Manchester bomb recovery which touched aspects of post-trauma, asset recovery and insurance claims management, Julia has practical experience of recovery situations including those touched by asset damage, SARS, employee death, kidnap for ransom, The World Trade Center and the bombings in London July 2005.

In this Book

  • A Risk Management Approach to Business Continuity—Aligning Business Continuity with Corporate Governance
  • Introduction
  • A Risk-Based Approach To Business Continuity
  • Stakeholders Objectives
  • Governance, Good Practice, Standards, Regulation and the Law
  • Culture, Strategy, Performance, Risk and Business Continuity
  • Getting Started: The Business Continuity Management Cycle
  • Introduction to the Business Impact Analysis
  • The Business Impact Analysis: A Hitch-Hikers Guide
  • Application and Uses of BIA Information
  • Technology, Exposures and Continuity
  • Dependency Management: Supplier Management, Outsourcing and Business Support
  • Opportunities and Other Applications for Business Continuity Tools and Principles
  • The People Factor
  • The Value of Insurance When Facing Potentially Catastrophic Risk
  • Communications
  • Emergency and Governmental Services
  • Rehearsals and Exercising of Plans and Risk Decision-Making
  • Maintenance, Benchmarking, Assurance and Audit
  • Developing a Plan: Putting Theory Into Practice
  • Other Helpful Glossaries
SHOW MORE
FREE ACCESS