Close

+1 (888) 982-9248 info@techassure.com

Archive for category: Information Technology

by

5 Basic Steps to Get Started in Enterprise Risk Management

If you are an innovative firm, then managing risk is an essential part of doing business. There are no standard enterprise risk management (ERM) plans that fit every technology firm. Each innovative firm is different and an Enterprise Risk Management program has to be designed to fit the specific needs on an individual business.

But there are five basic steps that a technology firm can take when starting their Enterprise Risk Management program. The ERM program should reflect the company’s culture and particular structure.

1. Personnel – The first step to developing an effective ERM plan is to involve key company personal. A team has to be assembled that will be responsible for overseeing the creation of the ERM plan as well as its implementation. Who are the key people in your organization that will be involved in establishing your enterprise risk management program?

2. Preparation – ERM preparation requires a realistic approach. By now you should have taken the basic steps to identify the critical risks that your organization faces. The next step will be to better determine your level of acceptable risk retention. Implementing an ERM program can help you broaden your scope of methods for managing those risks.

3. Documentation – The research involved with creating a company’s ERM plan needs to be thoroughly documented. This may involve interviewing key managers as well as conducting risk surveys and more. Sharing such documents among key personal can provide valuable ideas and provide resolutions for better managing those risks. The ERM plan should now be put together and reviewed. But keep in mind, an ERM program is always a working document. As your organization grows and changes, your ERM program will need to adjust.

4. Implementation – Once the ERM plan is created and passes the approval process, it is time to put it into place. All people involved with the ERM plan must be know their responsibilities. The plan needs to have event identification, risk impact response as well as defined actions that will be taken. An ERM plan without any implementation is not helpful in moving your organization to a higher level.

5. Monitor – Once an ERM plan has been created and put in place, it’s important it also be supervised. This can involve periodic audits, reviews, assessments and more. Effective supervision might also involve third parties to make certain the ERM plan is current and meeting all designated goals. Regular ERM monitoring will need to be done for the long term.

It’s important for companies in the technology and life sciences industries to manage all of their organizational risks. To do this properly may require getting assistance from industry experts. The members of TechAssure Association have the knowledge and experience necessary to provide expert advice for effective risk management. Contact us today to learn more.

by

What is Cyberliability Insurance?

A Chubb Group survey recently found that 2 in 5 companies suffered from a computer security issue in a 12-month period, with the typical data breach costing $5.5 million in organizational costs for 2011. About a quarter of the respondents expect another major incident this year. Yet, 65 percent do not have the proper cyberliability insurance to respond to their exposures. In the study it finds that the most likely reason for the omission is that most people don’t know what cyberliability is and that insurance protection exists for it. Further, most buyers don’t understand that the insurance policies vary greatly from carrier to carrier.

Cyberliability refers to the risks that your company faces from the operation of your network. The exposures include first and third party risks. It could involve risks to your company when information is compromised. or it may involve a virus entering your system and destroying your product data, a hacker stealing the customer credit card numbers stored in your database. It could also include a third party suing you for inadvertently putting a copyrighted picture on your website without permission.

When such incidents happen, at the very least, you’ll spend time and money to restore information, eliminate the threat, and perhaps, deal with any public relations fallout. Your company may also need to compensate third parties for any damages they suffered because of your computer problems.

Although specific policies differ, your traditional business insurance does not generally cover cyberliability. The and legislation to deal with computer security is rapidly changing and still evolving. You need a policy that specifically addresses your cyberliability exposures.

Please contact a TechAssure member to learn more about the insurance and risk management options available to your firm.

by

TechAssure Risk Survey Finds Information Technology Executives Knowledgable about Top Risks

In the current competitive business world, the business environment is quite challenging for technology firms. One of the key challenges facing technology firms is the uncertainty associated with their operations. Therefore, the possession of tools and knowledge for managing risk is a key driver of success for technology firms. Insurance costs have been rising over the past year. Consequently, technology firms are finding it necessary to have proper analysis on risk retention and management strategies, insurance purchasing, and internal risk control and management controls.

TechAssure Association, Inc has conducted its’ first risk survey for technology firms on the major risks and business concerns facing the technology industry.

Following our survey and based on our research and experience, we identified the top risk concerns for information technology firms. Ranked first, second and third respectively, the top risks for the Information Technology Sector were identified as reputation and brand image; network, security, and privacy risks; and legislative, corporate governance and regulatory changes. Other risks included business interruption, inability to attract and retain key talent, changes in economic conditions, failure to continue with new products and services innovation, increase global competition, and access to capital.

To retrieve a full copy of the summary of the 2013 TechAssure Association Risk Survey, please contact a TechAssure member.