Based in San Francisco Bay Area, Securesql is a blog by John Menerick. His insights dissect complex systems, offering a masterclass in cyber guardianship through expert analysis and cutting-edge protective strategies.

Are we there yet? ... Not even close.

In today’s fast-paced, ever-changing economy, the topic of enterprise risk management has gained significant interest beyond the military sector, financial industries, and academia, especially with the latest buzzwords surrounding cloud security and cloud risk. Fortunately for blackhats, risk management is infantile and handled in an informal manner. Just ask Sony how long Sony took to implement their previously purchased RedSeal vendor solution after the public caught wind of their initial breach.

When was the last time you attended a formal risk management meeting? Did it look like this?

[Image: cloud risk management]

Or did it look like this?  

[Image: enterprise risk management]

Worse yet, there are no actuarial datasets to use. DatalossDB is better, but much work needs to be accomplished to ensure the integrity of the data is beyond reproach. Verizon’s DBIR is better than nothing, but leaves much to be desired to arrive at the same conclusions. To this end, I will propose a comprehensive approach to enterprise risk management based on academic and business research.

In the coming months, I look forward to constructive feedback. We shall begin by exploring the qualities of state-of-the-art risk management’s qualitative and quantitative methodologies, followed by the business reasons why risk management remains in institutional neglect. Along the way, we shall have takeaways from several theoretical frameworks and tools which have been used or could be used to manage risk, such as IBM OpenPages, RiskAoA, custom Excel spreadsheets, and other RSA vendor fodder.

Our research will draw ideas from fields not normally associated with enterprise risk management. In order to isolate important risk drivers, certain perspectives will be taken, i.e., regulatory and political. One could say this series on enterprise risk management is meant to promote a greater preemptive organizational outlook, assisting institutions to foresee and exploit a business environment’s inefficiencies and reservations. On the other hand, an evolutionary market perspective will be used to express an innovative manner to uncover risk management data. I suspect we will find there are many ways to skin a cat to produce creative solutions.

 
