Reduce Risk - Increase Resilience

October 21 - 22, 2015  -  New Orleans, LA - J. Kelly Stewart, Managing Director & CEO of Newcastle Consulting, LLC,  had the privilege of conducting the 2nd Annual Risk, Threat, and Vulnerability Workshop.  

This two-day program begins by explaining the differences between risk, threat, and vulnerability and then demonstrates how assessments are absolutely essential for organizational resilience. It offers a comprehensive examination of all aspects of planning and implementing a risk assessment program in any organization, small or large, public or private, and in any industry or setting. Through engaging lecture, eye-opening case studies, and a site visit to see the principles in action, this program covers the essential topics listed in the overview.  A Risk, Threat & Vulnerability Assessment tool will be introduced for applying the principles taught.
 

Learning Objectives:

• Learn how to develop an effective risk management and assessment program that is highly valued within your organization. 
• Understand how to integrate risk assessment into the business process in a way that provides timely and relevant risk information to management. 
• Develop the skills to identify necessary people and assets that provide the enterprise tangible and intangible value. 
• Learn how to develop a solid business case for the program—one that addresses cost, benefit, and operational aspects. 

Program Overview

Communicating and Developing the Business Case

The key task behind planning and conducting a risk assessment program is developing an understanding of the organization to be assessed. 

Risk Management Process

Before starting the design of the risk assessment program, it is important to understand the objectives and to evaluate both the extent and efficacy of the current risk control measures and system. This includes the scope, as well as risk control parameters, methods, and plans currently in place for risk management activities at the organization. 

Analyzing the Risk

What is the scope of the risk assessment program? Is it meeting the organization’s risk assessment objectives? Does it consider the context of the organization, its needs, and requirements? The scope should define the processes, functions, activities, physical boundaries (facilities and locations), and stakeholders to include within the boundaries of the risk assessment program. Learn how to match the scope with the resources available. 

Treatment of the Risks/Mitigation

Risk rating scales are defined in relation to organizations’ objectives in scope. Risks are typically measured in terms of impact and likelihood of occurrence. Impact scales of risk should mirror the units of measure used for organizational objectives, which may reflect different types of impact such as financial, personnel, and/or reputation. The time perspective used to assess the likelihood of risks should be consistent with the time perspectives related to objectives. 

Organizational Resilience and Risk

Building a resilient organization is a cross-disciplinary and functional endeavor. An organizational resilience approach to managing risks encourages critical infrastructure businesses to develop a more natural capability to deal with unexpected disruptions to “business-as-usual” activities. Discover the most effective ways to approach resilience that allow organizations to adapt to changes in their operating environments over time. 

Test, Measure, Review, Document Control, and Assurance

Understand the various tools and techniques that can be used to determine risk assessment. Identify how organizations can now bring their individual residual risk ratings together into a portfolio view to identify interdependencies and interconnections. Management can then determine any actions necessary to revise its risk responses or address design or effectiveness of controls. Successful implementation should translate into reduced risk exposures on organizations’ risk maps. 

NEW Case Studies

Each section within the course of instruction includes practical case studies that can be easily understood. 

NEW Interactive Exercise

A Risk, Threat & Vulnerability Assessment tool will be used by the class for practically applying the principles taught. 

______________________

Newcastle Consulting, LLC is an Enterprise Security Risk and Information Management Consultancy that provides proactive, predictive, and responsive advice and access to information critical in building a companies' resilience to operational risk. We constantly aim to achieve excellence by exceeding expectations through careful analysis in new approaches to risk management, security design and resiliency.