This website or its third-party tools use cookies which are necessary to its functioning and required to improve your experience. By clicking the consent button, you agree to allow the site to use, collect and/or store cookies.
I accept

Resilience Ninja

Coaching and ideas to help build agile and resilient practices.

You are here: Home / Conferences / Integration and Risk

Jun 29 2011

Integration and Risk

Day 2 at Insights 2011 started with a keynote panel, made up of very senior folks from the ‘Big 4’ accounting firms. At first I thought this session may be a little tedious – expecting an old-fashioned audit focus.

Not so, and I found the session very interesting. The key messages related to the need to better understand and cope with risk;

  • New, and perhaps not well understood, risks from emerging markets
    • Not just the physical risks, but also need to understand and adapt to different cultural expectations
  • New (and again poorly understood) risks relating to disruptive technologies
    • e.g Cloud, Mobile devices, Social Media
  • The combination of these risk sources
    • Some developing countries may actually skip the PC era and move straight to the smart phone era, need to be able to operate in such a market.

It was interesting to hear the representative from Deloitte promote the concept of “Risk Intelligence” – I would hope he is using the term in the context of learning and experience of risk (as suggested by David Apgar’s book)- rather than in the alternatively used meaning of just better estimating probabilities.

The discussion reminded me that I have not finished reading this book, and will do so and review for you here. Being able to learn from our experience to better understand and mitigate risk is essential for resilience.

The sessions continued in the similar vein to yesterday, with plenty of interaction with audience, and discussion leaders using interview style rather than powerpoint. Moving from yesterdays theme on “Executive Insights during Challenging Times” to today’s theme of “Insights on “Integrating Business and Technology”.

Strong session from Dr Ron Ross of NIST about the future of cyber security. Raising some of the same disturbing scenarios as suggested by Richard Clark in his keynote session at WCDM last week.

An appropriate follow-on from Ross’s session – where he discussed the NIST guide on Risk Management for IT Systems was a specific session dedicated to that subject. Very passionate speaker in Brian Barnier – strong message from several sessions for Info Sec folks to get up out of the weeds and ensure risk management is linked to business objectives and needs.

Creation of ‘Risk Aware Architectures’ is going to be an essential change to keep this alignment and integration of business and IT. It will not be possible to manage IT Risk by bolt-on solutions chosen after solutions are designed and implemented.

The lunch session returned to the topic of Cyber Security featuring Howard Schmidt, White House Cybersecurity Coordinator. This presentation raised the area of focus above the needs of individual organisations to address national, and multi-national issues in this space.

Not surprising that this issue of cyber security is featured in several sessions at this conference. Clearly a top of mind issue with this audience.

It has been hard to fault the calibre of the people leading the discussion at this conference, very focussed selections (they did not have a call for papers) has resulted in almost no bad speakers.

A fire alarm (thankfully false) and evacuation certainly roused the delegates in the final session of the day.

Looking forward to tomorrow, when things will wrap up with “Insights for the Future of Business and Technology.”

Written by Coach K · Categorized: Conferences · Tagged: ISACA

Comments

  1. Jan Husdal says

    July 9, 2011 at 6:57 AM

    Some very interesting points here, Ken, in particular in relation to risks in emerging markets. Emerging markets skipping the PC era and moving straight to smartphones, coupled with social media wildfires is maybe not a risk per se, but it certainly creates a potentially volatile and unstable environment which requires a different set of communication skills than what we are used to.

    And I will definitely look into some of Apgar’s writings… thanks for the pointer!

    Reply
    • Ken Simpson says

      July 12, 2011 at 12:01 AM

      As always Jan, a pleasure to create extra reading for you!

      Agree with your comment that the actual process of managing risks is the same, we just need to make sure we have understood the context in which we look at risk.

      These emerging markets add more uncertainty as we try to understand the implications of their development cycle.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Tags

Adaptability Agility Amy Lee AS/NZS 5050 BCAW BCI BCM BC Practice Charley Newnham Community Community Conferences Craft Craft Crisis Management Culture Cynefin Deepwater Horizon Disruption DRJ Frameworks Goals High Reliability ISACA Jan Husdal Learning Organisation LinkedIn Operational Risk Pandemic People Plans Practice Resilience Resilient Organisations Riskczar Risk Management Skills Standards Stone-Roads Supply Chain Risk Theory Tools/Technology Vulnerablity WCDM 2010 Weather

Search Form

Social Icons

  • Dribbble
  • Facebook
  • Google+
  • Instagram
  • Twitter

Post Categories

May 2025
M T W T F S S
 1234
567891011
12131415161718
19202122232425
262728293031  
« Jun    

© 2025 Resilience Ninja · Rainmaker Platform