David Davies

RISK MANAGEMENT — PROTECTING REPUTATION: REPUTATION RISK MANAGEMENT — THE HOLISTIC APPROACH

Abstract The melt down of Arthur Andersen clearly demonstrates the amount of damage that can be done to an organization once its reputation is damaged. It is particularly significant because the more diverse and physically spread an organization is, the more it becomes immune to physical, political and economic risks, and yet the more it becomes exposed to the possibility and consequences of damaging its reputation. However, the risk of reputation damage is not confined to the multinational — it can harm organizations of all sizes and activities. Despite this, it is the most misunderstood and therefore ill-managed of many company’s risk management activities. This article explores the importance of reputation and how it might be managed.

Computer risk management

Abstract Our perception is risk shaped along traditional lines. For most of us, the risks that can relate to are those that have been with us for many years: fire, flood, accidental damage, theft, fraud and embezzelement. The development of computer technology has introduced a new range of risks, and a new set of vulnerabilities. The value of the hardware is now immaterial compared with the potential costs that could arise out of its failure or misuse. Of equal Importance to the natural perils are the man-made risks, whether they be maliciously or accidentally motivated. Our priorities have been slow to reflect these changes. Insurance covers, risk management thinking and management strategy invariable reflect the computer technology of the 1970s. To explore this further I will examine the implications for computer crime risks of the development of computer technology and its application. I will review some of the new types of losses being experienced, and draw conclusions on the risk characteristics of the new technology.

PEOPLE MANAGEMENT — CORPORATE BULLYING

Abstract This article looks at the phenomenon of “corporate bullying” and the problems this creates for the organization in terms of business risk management.

WORLD TRADE CENTER LESSONS: RISK MANAGEMENT LESSONS FROM THE WORLD TRADE CENTER

Abstract There are many who believe that the events of 11 September 2001 have changed the world forever. The complexity of the data that has emerged, and that will emerge, as more studies are undertaken, is almost overwhelming. The tragic catastrophe that befell America was far, far greater than the beat of a butterfly’s wing, but there cannot have been a more extreme example of the chaos theory — the myriad of consequences that have stemmed from a single event and touched so many things, affecting the lives of virtually everyone on the planet.

LSE — CORPORATE GOVERNANCE: Turnbull — a year on

Abstract Since December 1999, companies incorporated in the UK and listed on the London Stock Exchange (LSE) have been subject to the LSE’s corporate governance requirements, including the Combined Code and ‘Turnbull’ — the commonly used abbreviation for the Stock Exchange’s committee on corporate governance, chaired by Nigel Turnbull. David Davies looks at how things are going a year on.

Insurance and the Y2K risk

Abstract Of all the market research undertaken on organizations preparedness for, and attitude to, the Y2K risk, the author is not aware of any research into what organizations expect of their insurance covers. Such dilemmas are usually solved very easily: a few key sentences in the policies will tell you your fate with a fair degree of accuracy. Some clauses and concepts rely on case law for the finer points of interpretation, but once you get the hang of it, insurance policies are fairly clear. David Davies reports.

Risk management: Holistic risk management

Holistic Risk Management is the process by which an organization firstly identifies and quantifies all of the threats to its objectives, and having done so manages those threats within, or by adapting, its existing management structure. It differs from conventional Risk Management in two key ways: The range of risks considered should not be limited by those that are ‘insurable’ or ‘fortuitous’. Far greater risks now threaten organizations than those which are understood by the traditional Underwriter. The process of minimising risk and the impact of risk, upon the organization, has to become a main stream management function, and not something that can be left to the annual insurance survey or minimal compliance with Health and Safety legislation. Risk management must become an integral part of everyones job, supported, but not policed, by specialist internal or external assistance. Its effectiveness will largely depend upon the underlying quality of the organizations management, structure and culture, with which it should integrate. David Davies reports.

High technology risks — The limitations of insurance

Abstract Insurance performs just one function: it provides financial compensation for events that have been anticipated, and defined, in the insurance contract, (the policy). However it also has a number of serious limitations. Many of those limitations are of particular relevance to high technology risks, others are common to all classes of insurance. It is inevitable, indeed desirable, that insurance should have many (but not all) of the limitations outlined below. The solution to many of the limitations is not to try and remove them, but to understand them fully, and to qualify the extent to which insurance is blindly seen as the answer to a particular risk.