Measures for Managing Operational Resilience

“Measures for Managing Operational Resilience”; this is the title of a new report published recently by Carnegie Mellon University's Computer Emergency Response Team (CERT).

How resilient is your organization? Have your processes made you more resilient? Members of the CERT Resilient Enterprise Management (REM) team are conducting research to address these and other related questions. The team’s first report, Measuring Operational Resilience Using the CERT Resilience Management Model, defined high-level objectives for managing an operational resilience management (ORM) system, demonstrated how to derive meaningful measures from those objectives, and presented a template for defining resilience measures, along with example measures.

In this report, REM team members suggest a set of top ten strategic measures for managing operational resilience. These measures derive from high-level objectives of the ORM system defined in the CERT Resilience Management Model, Version 1.1 (CERT-RMM). The report also provides measures for each of the 26 process areas of CERT-RMM, as well as a set of global measures that apply to all process areas. This report thus serves as an addendum to CERT-RMM Version 1.1.

Since CERT-RMM practices map to bodies of knowledge and codes of practice such as ITIL, COBIT, ISO2700x, BS25999, and PCI DSS, the measures may be useful for measuring security, business continuity, and IT operations management processes, either as part of adoption of CERT-RMM or independent of it.

You can access the report at http://www.cert.org/archive/pdf/11tr019.pdf

Website and phone support services for riot-hit English businesses

The UK Home Office has opened a new website and phone support services for businesses impacted by the recent riots and looting.

Businesses whose property or premises were damaged by rioters, or whose stock was stolen or damaged, could be eligible to claim under the Riot (Damages) Act - even if they do not have insurance and the new services aim to help organizations through the claims process.

Last week the Prime Minister announced that the deadline for applications under the Act would be extended from 14 to 42 days to allow more people to claim.

The advice being offered to riot hit companies/bisinesses is:

• If you have insurance, you should check your policy to see if it covers riot damage. If it does, you should contact your insurer directly,
• If you do not have insurance or it does not cover riot damage, you might be eligible to claim compensation from you local police authority, and,
• Claims under the Riot (Damages) Act are limited to damage to or loss of buildings or their contents. The Act does not cover vehicles, personal injury or loss of trade.

These web-based resources can be found at www.direct.gov.uk/riotadvice

Tips to Avoid Check Fraud

In the age of online hackers and ID theft, a low-tech scam thrives: check fraud. Fake-check scammers have honed schemes to be age-appropriate, preying on youngsters seeking jobs and seniors in need of cash. Stacey Delo and Andrea Coombes discuss on MarketWatch.

Gold Prices May Be Poised for `Parabolic' Rise

Mark O'Byrne, executive director of brokerage GoldCore Ltd., discusses the outlook for gold. He talks from Dublin with Mark Barton on Bloomberg Television's "Countdown." (Source: Bloomberg)

The pensions burden

People are living longer so they need to retire later and save more. An easy videographic explains what is happening.

SEC launches new Whistleblower Program

With its new whistleblower program that officially became effective on August 12, the Securities and Exchange Commission (SEC) has also launched a new webpage for people to report a violation of the federal securities laws and apply for a financial award.

The Dodd-Frank “Wall Street Reform and Consumer Protection Act” has provided the SEC with the authority to pay financial rewards to whistleblowers who provide new and timely information about any securities law violation. Among other things, to be eligible, the whistleblower's information must lead to a successful SEC enforcement action with more than $1 million in monetary sanctions.

The SEC's new webpage is located at www.sec.gov/whistleblower and includes information on eligibility requirements, directions on how to submit a tip or complaint, instructions on how to apply for an award, and answers to frequently asked questions.

"Early and quick law enforcement action is the key to preventing securities fraud and avoiding investor losses, and the whistleblower program gives us the tools to help achieve that goal," said Robert Khuzami, Director of the SEC's Division of Enforcement.

Sean McKessy, Chief of the SEC's Office of the Whistleblower, added, "Securities fraud is not a victimless crime. That's why why it is so important for people to step forward when they witness an ongoing securities fraud or learn about one that has taken place or is about to occur. Our new whistleblower award program makes it easier for people to take that step."

The SEC's new whistleblower program strengthens the SEC's ability to protect investors in several ways including;

• Better Tips: Over the past several months, the SEC has seen an increase in the quality of tips that it has been receiving from individuals since Congress created the program. 
• Timely Tips: Potential whistleblowers are incentivized to come forward sooner rather than later with "timely" information not yet known to the SEC. 
• Maximizes Outside Resources: With fewer than 4,000 employees to regulate more than 35,000 entities, the SEC cannot be everywhere at all times. With a robust whistleblower program, the SEC is more likely to find and deter wrongdoing at firms it may not have otherwise uncovered 
• New Protections Against Retaliation: Employees who come forward are provided with new tools to protect themselves against employers who retaliate.
• Bolsters Internal Compliance: The new rules provide significant incentives for employees to report any wrongdoing to their company's internal compliance department before coming to the SEC. Therefore, companies that would prefer their employees report internally first are incentivized to a have credible, effective compliance program in place.

TRAINING COURSE – PROCESS IMPROVEMENT & MANAGING CHANGE

Cape Town, South Africa – 7 & 8 November 2011

Process Improvement is a series of actions taken to identify, analyse and improve existing operational processes within any business or organisation to meet its goals and objectives. Such goals/objectives may include the need to reduce costs, achieve greater operational efficiency, the merging and simplification of existing processes etc.

Process improvement follows a specific methodology or strategy to create successful results. All operations whether back-office, middle-office or front-office are based on business processes. Often however, these Processes have been inherited from earlier times, and have been endlessly modified over time leading to a loss of their earlier efficiencies.

This applies equally to all businesses, organizations and their activities – from large modern-day corporations, through offices, factories, shops – and at all levels from businesses or organizations with thousands of staff right down to Mom ‘n Pop stores.

With Process Improvement comes change. Often too, these changes introduce a layer of uneasiness to the individuals that make up the business or organisation. Just as critical as improving your processes and benefitting from innovation, is getting your staff to accept change as beneficial. Change introduces elements of unease that push people out of their own comfort zones and can create resistance in even the best run organisations.

This course is designed for all people involved in business, services and other profit and non-profit organisations to introduce them to the world of Business and Organizational Processes – what they are and how they can be improved. It incorporates managing change, and how by coping with change, the changes themselves are strengthened and enhanced and beneficial instead of something to be feared. The course has also been specially designed to address the differing entry level knowledge of the participants.

How will you benefit from this course?

• Understanding a Business Process—what it is and how it is mapped.
• Understand how business processes can be improved.
• Understanding change and our reactions to this.
• Understanding stress within the context of process reengineering and change. 
• Successful approaches to planning, initiating and managing a successful process improvement project.

Who should attend?

This course is aimed anybody in any business/ organisation who wishes to gain a clear understanding of business and operational processes, what they are, how they come about and how they can be improved in an organized logical way.

Managers, supervisors, senior and junior staff, from operational and administrative areas will all benefit from this straight forward, comprehensive course on Process Improvement. This course applies equally to staff of firms operating at the corporate level, in manufacturing, in services, in retail trade and in non-profit organisations.

For a fully descriptive brochure please send a blank e-mail to courses@citadeladvantage.com with PROCESS-CT in the Subject line.