Chris de Wolfe, global director of risk management at Mars Inc., shares his challenges of getting the global risk management program at Mars up and running.
“The CRM group had a lot to offer but was severely underutilized, which led to high insurance premiums, a high risk profile, and a significantly reduced resiliency and recovery capability,” Chris said.
Reflecting on how Mars as a business became a major success, de Wolfe decided that he needed to market and promote his own department in the same way. Partnering with Lootok, a risk management consultancy firm, he developed a strategy to engage with the employees in a fun yet educational way. He devised a 5- to 10-year plan, broken into 12- to 18-month strategies and individual project plans by mapping out all of the products and services that risk management offers. He conducted a perception survey and drew up a program based on the ABCs of risk management.
“The ABCs allowed people to understand that risk management not only provides insurance, but it also ensures that the business continues,” said de Wolfe.
Sean Murphy, CEO and founder of Lootok, said of de Wolfe:
“I’ve known Chris for 10 years and what differentiates him is that he treats his program as a business. He had a good program before but he wasn’t satisfied with it so he completely revamped it and is now reaping the benefits.”
While artists, athletes, and performers struggle to make their mark in the public eye with a memorable act or viral moment, a different type of celebrity has been emerging on the scene - the spokesperson for a crisis.
Here’s a quick exercise to highlight the point:
Jeffrey Boyd, Lew Frankfort, and Stephen Hemsley. Do these names sound familiar?
If not, don’t feel bad. They are the CEO’s of Priceline.com, Coach, and UnitedHealth Group, respectively.
Now, how about the names Tim Cook and James Comey?
We can immediately recall them as the CEO of Apple and the FBI Director, respectively, feuding over a locked iPhone involving a federal investigation of the San Bernardino shooting.
The media diligently covered Cook and Comey’s debate for more than three months. During that time, both men emerged as stars in a cast of characters ranging from lawyers, judges, politicians, and even presidential candidates. The media and public tuned in to hear their perspectives on data privacy, security, technology, civil rights, and terrorism.
I was working with an executive team on a crisis scenario, when one of the leaders asked a question on crisis communication. He asked, “How soon do we need to communicate? 5 minutes, 10 minutes, 1 hour, 1 day, …?” He was looking for a precise number to evaluate a few past incidents that were on top of mind for everyone in the room. I gave the common answer, but right answer, of “it depends”. He gave a look of dissatisfaction and made a discrediting posture. I went on to share a few basic statistics from Daniel Diermier’s research (author of Reputation Rules) such as “online news stories suggest that the typical window is only eight hours; 20% of all news stories on a given issue are published within an eight-hour period; so forth.” Some time has passed since the exercise. After some thought, I want to provide executives with six (6) crisis characteristics to consider when determining when and how to communicate.
Will BCM software deliver on its promise of making your BCM program easier to run? Is it really possible for BCM software to eliminate the difficulties in running your program?
Yes, it can—but there’s a catch. It won’t address challenges that are unique to your program. Essentially, your problems need to be shared by every other customer of the software.
Download Best-in-class BCM software exists, the fifth myth in Lootok’s series on the five myths of business continuity management (BCM)!
Keeping a BCM program alive doesn’t get cheaper or easier over time. In this eBook, we’ll talk about why.
Download It gets cheaper and easier, the fourth myth in Lootok’s series on the five myths of business continuity management (BCM)!
The risk matrix is a standard tool commonly used in risk assessments. It’s straightforward to use, and easy to explain. The only trouble is, the risk matrix doesn’t actually forecast or measure risk.
When used as a quantitative tool, the risk matrix is misunderstood. Our challenge as practitioners is to recognize the limitations of the risk matrix, so we can use it in a way that increases understanding of the threats around us. In this eBook, we explore how.
Download The risk matrix measures risk, the third myth in Lootok’s series on the five myths of business continuity management (BCM)!
Many of us business continuity management (BCM) professionals are convinced that a business impact analysis (BIA) is a “must-have” for any company. On top of that, we often believe the more information we gather, the better. But after the enormous effort to collect mountains of data and conduct endless interviews, we end up with little value to show for it.
Doing a BIA is expected of us, but do companies actually need a BIA? I guarantee that conducting an extensive BIA project is a quick way to exhaust your resources, stall your program agenda, and taint the reputation of your program. But if you’re willing to question why you’re doing a BIA, and then facilitate the process in a practical way for participants, you can maximize your investment. This eBook explores how to do this, and why it matters.
Download You need a business impact analysis (BIA), the second myth in Lootok’s series on the five myths of business continuity management (BCM)!
As BCM professionals, we’ve long believed in the myth that a plan is our key to recovery during a disruption. Often, we hyper-focus on the plan as undeniable proof that the right actions will be taken in an incident. This is the worst possible approach. Learn why in our eBook, The plan is the promised land, the first in Lootok’s series on the five myths of business continuity management (BCM)!
A massive data breach at Sony Pictures Entertainment, which experts believe was targeted by North Korea as retaliation for a film depicting the assassination of its leader Kim Jong Un, has led to an international incident that has gained the attention of business continuity professionals. Even large companies like Sony can sometimes put business continuity planning on the back burner. BC professionals say that attacks like this can sometimes change their minds.
$18 billion dollars. That’s the number estimated in damages caused by Hurricane Sandy just in the state of New York alone. With the unexpected turns that transpired amidst the super storm, all businesses were reminded of the importance of business resiliency.
Given the vast amount of information presented to-date, it is still very important that the financial sector revisit the surprises from Sandy to ensure that critical financial services are better protected. A team of experienced BCM advisors gathered the recommendations in the accompanying table from industry thought leaders in leading global financial services companies to learn from their perspectives.
Dr. Yossi Sheffi explains the “detectability axis,” which considers threats you can only detect only after the fact. This concept challenges our conventional methods of measuring risk using probability and impact.
At first glance, it appears that Carnival Cruise lines was well prepared when one of their ship had an engine fire and subsequently lost power last week. The media, however, tells a different story. Here are three points that Carnival may have overlooked in their crisis response.
The highest rated Super Bowl in history may go down in the books for the 34-minute power outage that upstaged the million dollar ads. With all the chatter about the blackout, advertisers were concerned about the effect on television ratings, while some brands capitalized on the opportunity to own the conversation through social media. Many are claiming the real winner of Sunday’s game to be Oreo, whose clever blackout tweet got retweeted 10,000 times in less than an hour.
The fact that Tokyo found the nuclear reactors in a worse state than previously announced underscores the need for honest, factual information for public consumption, and the importance of media in delivering this communication. The age where authorities view the public as a panicky wildcard that needs to be soothed, rather than as an equal partner in mitigating and recovering from a disaster, must come to an end – especially in a world where, thanks to the internet and information networks, information is disseminated to a wider audience at a faster rate than history has ever experienced before.
Was the community immediately surrounding Tepco’s reactor integrated in mitigation efforts prior to the incident? Subsequent actions and the announcement of possibly 30 billion dollars in claims indicate the opposite.