Tag Archives: Enterprise Risk Management

Institute of Risk Management forges alliance with Chartered Institute of Loan and Risk Management in Nigeria

The Institute of Risk Management (IRM) has signed a group affiliate scheme agreement with Nigeria’s Chartered Institute of Loan and Risk Management (CILRM).

The IRM is the leading global professional body for Enterprise Risk Management and currently has over 600 members across Africa, with active regional groups in Ghana, Kenya and South Africa. The organisation is currently in the process of setting up a group in Nigeria and Zimbabwe.

Legislation dictates that all companies over a certain size must have qualified risk management professionals in place in the region, highlighting the importance of risk management to the success of both organisations and the economy.

The scheme involves the CILRM purchasing 2,500 IRM group affiliate memberships which will then be allocated across the CILRM membership network. This means that the IRM’s counterparts can benefit from demonstrating their commitment to the risk management agenda by being part of a growing global network.

Other membership benefits include events, qualifications, networking and access to online materials.

Dr Ian Livsey, CEO of the IRM, said: “This is an exciting development for both the IRM and the CILRM when it comes to strengthening the risk management profession in Nigeria and for us to work more strategically going forwards.”

Livsey added: “The IRM already had a great footprint in Africa, but this news cements the importance of the developing Nigerian market. We’re keen to progress the risk management profession globally and determined to raise the importance of enterprise risk at Board level.”

Dr Sir Oladipupo A Bailey, president and chairman of the Governing Council of the CILRM, responded: “The signing of the Memorandum of Understanding with the IRM will not only strengthen the working relationship between the two bodies, but will also go a long way towards creating awareness of risk management’s importance for the Nigerian economy, both in the private and public sectors.”

He continued: “This is another milestone achievement for the CILRM and the IRM in terms of growing and developing the profession, especially in the areas of resource enhancement and capacity building.”

*The IRM has recently launched The Big Debate, a series of global events, interviews and a survey designed to find out more about the Risk Agenda 2025. See https://www.theirm.org/risk-agenda-2025.aspx for details.

Filed under Risk UK News

‘Demonstrating Cyber Security Readiness to Regulators through Risk Assessments’: White Paper issued by Hatstand

Specialist financial technology company Hatstand has issued a White Paper on financial services regulators' increasing focus on cyber security and the need for businesses operating in this sector to view it as part of the company's overall enterprise risk management.

The White Paper discusses how performing a risk assessment can help a business give clarity, not only to the regulators but also to the stakeholders of its key assets, on the current status of, and gaps in, its controls and processes. A baseline assessment can then be used to evolve a Working Plan designed to mitigate the gaps and demonstrate to the regulators and stakeholders that the business is taking its cyber risk management responsibilities extremely seriously.

Cyber security is, of course, a key concern for our senior political leaders, regulators and industry professionals. However, keeping business and client data secure can be a challenge as it crosses global networks, computing and PDA devices.

Hatstand has produced a White Paper on cyber security for those companies operating in the financial services sector

Many industry experts predict that it’s not a matter of ‘If’ but ‘When’ a company will experience a cyber security breach. Indeed, it has been reported that the number of cyber security attacks increased by over 50% in 2014 when compared with the statistics recorded for the previous year.

The Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) have made cyber security preparedness a top priority for their 2015 member firm examinations. Furthermore, the Commodity Futures Trading Commission (CFTC) is weighing in to the debate as indicated by the recent remarks made by its chairman, Timothy Massad, who said: “Cyber security is the most important single issue facing our markets today in terms of market integrity and financial stability.”

Policies and guidelines

More countries are taking the initiative to educate their ‘net’ citizens and are creating policies and guidelines for firms and individuals to create awareness of such crimes. In Europe, the EU is putting together a Cyber Security Directive that’s planned to apply to all business sectors. Although some of the EU regulations recently passed or currently under consultation have some cyber security elements, nothing has been specifically aimed at the financial services sector.

With cyber security directly affecting clients, data, networks, hardware, software and operations, the need to protect them from theft, business disruption and destruction is paramount.

Hatstand’s White Paper evaluates why businesses need to have sound governance practices in place and recognise that cyber security is more than just an IT-related issue. It also examines how the threat of a cyber attack should be viewed as part of the overall enterprise risk management of the firm, with Board oversight and a proper risk framework covering identification, protection, detection, response and recovery.

Firms should be identifying their possible risks, assessing the likelihood of events occurring and preparing their response(s). Once armed with this information, they can then determine their risk tolerance and prioritise their cyber security counter-measures. This is an iterative process that needs to be continuously reviewed and updated as the environment is constantly changing.

*Download a full copy of Hatstand’s White Paper


Securitas to host inaugural ASIS UK Enterprise Risk Management Northern Seminar

Securitas has been announced as the main sponsor and organiser for the inaugural ASIS UK Enterprise Risk Management Northern Seminar.

The seminar, which will take place at the University of Leeds on Thursday 9 April 2015, will afford delegates an understanding of how organisations can use Enterprise Risk Management to deliver their security and risk-related services.

Speakers on the day will include Neil Gammon (head of physical security at Sky) who will give an insight into managing enterprise risk within a creative media organisation and Dr Kevin Macnish, teaching Fellow at the University of Leeds. Macnish is to deliver a talk on how risk may be managed from an ethical perspective.

Securitas’ Gail Pinkerton, account director on the Workman contract, will present delegates with a Case Study on security risk management within a business environment, duly explaining how Securitas works alongside the property management and building consultancy to minimise and mitigate risk.

Dr Peter Speight CSyP: director of security risk management at Securitas

Speaking about the event, Dr Peter Speight CSyP (director of security risk management at Securitas, an ASIS UK member and recently elected UK Chapter Secretary) told Risk UK: “We’re very much looking forward to this event and we’re delighted that nearly 100 delegates have registered. Enterprise risk management is such a focused area for risk and security professionals. Indeed, the interest in this event has given us the confidence to look into hosting even more in the future.”

ASIS International is one of the leading organisations for security professionals with more than 38,000 members worldwide, all of whom are involved in the protection of people, property and assets.

Founded in 1955, the organisation is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programmes and materials that address broad security interests.

The seminar begins at 1.30 pm and there will be drinks, canapés and networking opportunities from 6.00 pm. Those interested in attending should contact the ASIS UK Office either by telephone (01494 488599) or e-mail: info@asis.org.uk

Securitas awarded ISO 27001:2013 Information Security Management accreditation

Securitas is also pleased to announce it has been awarded the ISO 27001:2013 Information Security Management standard, demonstrating the company’s firm commitment to providing the highest quality of service to its customers.

ISO 27001 is an internationally-recognised certification developed as a Best Practice standard which enables organisations to formalise and verify that risks are properly identified and managed. It also demonstrates to customers and stakeholders alike that the security of their information is taken seriously.

David Barlow of Securitas

David Barlow, business standards and risk manager at Securitas, said: “In 2014, we completed an internal review of the whole of our UK security operations and realised we needed to concentrate on improving our data protection policies if we were to seriously advance in the security solutions aspect of the industry.”

Securitas duly sought the services of UKAS quality and compliance auditing body ALCUMUS, and soon realised that accreditation to ISO 27001:2013 Information Security Management would be required in order to satisfy the needs of both the security services and security solutions sectors.

In June last year, a member of the business standards team was appointed as project manager to concentrate on key areas which included the communications centre, ALCUMUS, environmental Health and Safety, the standards department, screening, finance, the Alarm Response Centre and the Help Desk function.

Following a period of internal and external audits and the creation of the Information Security Management System, all information – either printed or written on paper, stored electronically, transmitted by post or using electronic means, shown on films or spoken in conversation – is now handled and stored in a secure manner.

All assets, either physical or electronic, are also risk assessed and suitable control measures taken to ensure the security of these assets.

Subsequently, the ISO 27001:2013 accreditation has now been awarded in respect of Securitas’ UK operations in Birmingham, Wellingborough, Milton Keynes and Uxbridge.

Barlow concluded: “This accreditation demonstrates to our customers that we take all aspects of IT and data security very seriously indeed. I believe that not only will it be of great benefit in winning new clients but will also help us to retain our existing ones. I’m fully confident Securitas will be reaping the rewards of all this hard work in the months to come.”
