Most organizations haven’t asked themselves the right questions
Because we’re known as experts in corporate investigations and security systems, we’re often asked for help with our clients’ risk management strategies, implementation and follow-up.
The problem is that we’re often asked for help once a breach has occurred and the organization has been taken by surprise, whether it’s employee fraud, or unauthorized access, or violence in the workplace – management simply wasn’t aware of the potential for problems, or didn’t think a small problem would escalate.
And when potential problems aren’t identified ahead of time, management isn’t prepared to respond in a timely fashion, which in turn exacerbates the negative consequences.
So how can organizations get ahead of the game?
It starts with asking the right questions: Making the time to get senior management together and systematically identify the risks the organization faces, how it can respond to those risks, and then putting the right policies, resources and tools in place to protect against them.
What are the right questions? The infographic below, prepared by BDO, provides a good starting point. And while it’s entitled ’11 questions non-profits should ask’, the truth is that it’s a good list of questions for any organization that’s looking to improve their risk management and readiness.