Trade.Information

Product Name: Risk Mitigation

Product Description

Recent socio-political changes have challenged the enterprise to maintain continuity of operations in the midst of disruptive events. Organizations must protect themselves from the risks associated with physical and computer security breaches and any potential disruption to the business. Mitigating these risks involves protecting the organization from events, which could cause a disruption, as well as “designing the organization” for optimal operational resiliency.

• In 1993, nearly 103 companies went out of business when the first bombing occurred at the World Trade Center.
• Forty-four percent of respondents to the 2002 Computer Crime and Security Survey (CSI/FBI Survey) reported financial losses of over $455 million due to computer security breaches.
• Twenty-two buildings in and around the World Trade Center were destroyed or damaged by the events of September 11, 2001, including 29 million sq. ft. of office space, totaling nearly $2.7 billion in losses.

Physical and IT Security
The terrorist attacks on September 11, 2001 exposed the fragility of our World, reducing people’s feelings of personal, physical security and creating new levels of uncertainty. In addition, the findings from the “2002 Computer Crime and Security Survey”, published by CSI with participation of the San Francisco Federal Bureau of Investigations Computer Intrusion Squad, confirm that the threat from computer crime and other information security breaches continues unabated and that the financial toll is escalating.

Together, these developments have revealed the extent to which organizations are vulnerable to uncertainty and security breaches from a number of dimensions. In order to get results and succeed under any scenario, organizations must implement innovative mechanisms to build resiliency into the fabric of the business.

Operational Resiliency
As stated by Accenture, a leading consulting firm, “To remain steadfast in the face of unexpected shocks, leaders will have to create organizations that are resilient.” Operational resiliency involves proactively and holistically taking the required steps to minimize the risks of a business disruption.

First, companies must identify and prioritize the organization’s most critical resources. This is the critical first step because it not only helps build a resilient organization, but in the case of a disruption, it provides a framework for prioritizing any potential recovery effort.

Second, an evaluation of the level of security vulnerability that an organization has from both a physical and technical standpoint must be conducted. This step will provide a blueprint of where lapses exist today and identify what should be corrected as quickly as possible.

Third, where vulnerability may still exist, companies can take the necessary steps to physically distribute critical resources (i.e., remote locations) and/or ensure redundancy of those critical resources (i.e., disaster recovery sites).

Taking the First Step
Identifying and prioritizing an organization’s most critical resources involves developing a snapshot of the physical, technical and Human Resource infrastructure. Aperture’s Business Infrastructure Management solutions help organizations manage the underlying assets and processes that support business operations -- its personnel, real estate, facilities and IT infrastructure.