Webinar Recap & Poll Results: COVID-19 – Responding to Cascading Risk

Written by Atul Vashistha


Most organizations today:
• Have divested in their consequence management programs that were created after 9/11
• Tend to focus on the controls environment as a result of the financial crisis
• Spend very little effort on monitoring changes in the external environment for potential disruptive risks


“We are going to be in a modified crisis mode for the next two to three years.”


A. When managing ongoing risk there’s three key areas to focus on, hopefully in a ROC (Risk Operations Center)*:

1. Risk (Threat) intelligence
2. Internal control environment
3. Consequence management

B. To successfully manage risk in today’s fast changing risk environment you have to have all of these components in your ROC:

1. Risk Intelligence

• Gathered in real-time and continuously
• Must be strategic and calculated in what information is gathered
• Curated so there isn’t information overload
• Enable actions on the right events and not reaction to everything

2. Workflow Tool

• Enables information to flow to the right people
• Know who you need to escalate to for specific impact or locations

3. Response Center

• Ability to direct internal and external (third-party) actions
• With multiple workstream
• Need proper execution plan

C. What we’ve learned from the current crisis:

The best risk management leaders and their firms are able to monitor how the crisis is progressing and can answer questions like:

• What’s happening to the workforce?
• Is the technology adequate?
• Is my location risk changing?
• What kind of financial stress test should I be doing?
• What are the government and authorities telling us?
• Are my facilities accessible or not?
• What are the actions my third parties are taking?

*For further reading on this topic, please read our article on ROC (Risk Operations Center).


You can view the webinar recap here.

The presentation is available here.



Announcing Supply Wisdom® Exuma

The next evolution in Automated Risk Management is here. Now you can automate risk mitigation across the entire risk management lifecycle, from Risk Identification to Risk Decision to Risk Action.