Avian influenza, or bird flu, is a contagious viral disease caused by certain types of influenza viruses that occur naturally among birds. Usually, these viruses do not infect humans, but several cases of human infection with bird flu viruses have been reported recently.
Why could this become an Operational Risk for your organization? Currently, these viruses are circulating in bird populations in Asia, and have resulted in severe illness and death in humans. Since the recent outbreaks of this strain began in 2004, more than 120 people have been confirmed as infected and more than 60 have died. Most human cases are thought to have occurred through contact with infected poultry or contaminated surfaces. However, some scientists worry that if the virus were able to mutate and be able both to infect people and then to spread easily from person to person in a sustained fashion, a global "influenza pandemic" (worldwide outbreak of the disease) could begin.
This WHO Avian Flu Fact Sheet can provide some of the answers on the disease.
operational risk
24 November 2005
21 November 2005
Simulation & Analysis: COOP on Steroids...
All of the planning tools that have automated the process of developing BCCM and COOP documentation have addressed only a small piece of the total mosaic for operational risk management. There is however a new "kid" on the block that is worth keeping your eye on. This is because they have created the tools for doing critical simulation and analysis of the impact of significant business disruptions to our critical infrastructures.
While we have all the confidence that there is a market for tools like these, the largest challenge still remains. Human Factors.
All of the scenario planning and simulation is important to create new contingency procedures or the application of new methods for mitigating the impact of such scenarios. However, the human factors are and will remain unknown until you actually exercise and effectively test that scenario. Only testing will tell you what people did or didn't do or why they reacted the way they did. The psychological and physiological unknowns are what throw the planners and simulation operators for a loop every time.
We hope that FortiusOne also gives their clients the insight they require to create the most realistic and optimal tests to determine what the real outcomes will look like before and after a natural disaster or terrorist event.
operational risk
FortiusOne’s target market encompasses both the public and private sector. The former includes federal, state, local and international segments, with primary emphasis on Homeland Security, National Defense, Intelligence and Emergency Management for critical infrastructure vulnerability assessments and consequence management. FortiusOne’s private sector market addresses risk analysis for the Banking/Financial Services, Transportation, Energy, Telecommunications, Insurance and general Supply Chain segments with primary emphasis on business continuity planning, business optimization and disaster recovery. Market size exceeds $40B and is upward trending in both public and private sectors. Recent events and consequences related to hurricane Katrina, terrorist threats and attacks, and corporate management/mis-management events have created intense interest in FortiusOnes’s products and services. The Company’s revenue model for both public and private sectors includes fixed price product pricing for basic assessments with additional high valued consultation for detailed analysis of specific client defined scenarios.
While we have all the confidence that there is a market for tools like these, the largest challenge still remains. Human Factors.
All of the scenario planning and simulation is important to create new contingency procedures or the application of new methods for mitigating the impact of such scenarios. However, the human factors are and will remain unknown until you actually exercise and effectively test that scenario. Only testing will tell you what people did or didn't do or why they reacted the way they did. The psychological and physiological unknowns are what throw the planners and simulation operators for a loop every time.
We hope that FortiusOne also gives their clients the insight they require to create the most realistic and optimal tests to determine what the real outcomes will look like before and after a natural disaster or terrorist event.
operational risk
17 November 2005
ISO 27001 : Information Security Management...
What Is ISO 27001?
This particular standard defines and specifies an 'Information Security Management System', known as an ISMS. It compliments the existing ISO 17799 security standard, and specifies a general framework for the creation and maintenance of the security process within an organization.
These two standards (ISO 17799 and ISO 27001) are closely related, and although their scope is wide, they have very distinct roles.
ISO 27001 defines the overall requirements for the security management system itself, the focus being on management. It is this standard, rather than ISO 17799, against which certification is offered. It was based upon an earlier standard, known as BS7799-2, but has been more closely aligned with other quality management standards.
operational risk
ISO 27001, titled "Information Security Management - Specification With Guidance for Use", is the replacement for BS7799-2. It is intended to provide the foundation for third party audit, and is 'harmonized' with other management standards, such as ISO 9001 and ISO 14001.
The basic objective of the standard is to help establish and maintain an effective information management system, using a continual improvement approach. It implements OECD (Organization for Economic Cooperation and Development) principles, governing security of information and network systems.
This particular standard defines and specifies an 'Information Security Management System', known as an ISMS. It compliments the existing ISO 17799 security standard, and specifies a general framework for the creation and maintenance of the security process within an organization.
These two standards (ISO 17799 and ISO 27001) are closely related, and although their scope is wide, they have very distinct roles.
ISO 27001 defines the overall requirements for the security management system itself, the focus being on management. It is this standard, rather than ISO 17799, against which certification is offered. It was based upon an earlier standard, known as BS7799-2, but has been more closely aligned with other quality management standards.
operational risk
09 November 2005
The Risk of 4GW: It's Here to Stay...
In today's OSAC 20th Annual Briefing at the U.S. State Department Bureau of Diplomatic Security we witnessed some excellent briefs from corporate CSO's and keynotes from Sandy Weill, COB of Citigroup and Dr. Condoleeza Rice, U.S. Secretary of State.
All had the theme of the day, the valuable and lasting public private partnership established twenty years ago by former U.S. Secretary of State George P. Shultz. There was much talk of the current risk of Fourth Generation Warfare (4GW), the same method of guerilla warfare described in The Sling and the Stone. In the middle of the presentations, many of our PDA's and phones began their vibrations and buzzing. Within a few minutes, the podium was announcing the latest attack on our own corporate assets in the capital of Jordan.
The Overseas Security Advisory Council (OSAC) now claims over 3,000 U.S. companies, educational institutions, religious groups, and non-governmental organizations as members known as constituents. Although OSAC is rarely in the limelight, the ways in which it helps American businesses fight terrorism abroad is unparalleled.
Is that a "Predator" taking off?
Mission
Tomorrow, in our second day of the OSAC briefing the room will be missing many of the constituent members as they begin the investigations and deploy new resources in the pursuit of justice.
operational risk
All had the theme of the day, the valuable and lasting public private partnership established twenty years ago by former U.S. Secretary of State George P. Shultz. There was much talk of the current risk of Fourth Generation Warfare (4GW), the same method of guerilla warfare described in The Sling and the Stone. In the middle of the presentations, many of our PDA's and phones began their vibrations and buzzing. Within a few minutes, the podium was announcing the latest attack on our own corporate assets in the capital of Jordan.
At least 57 people were killed and more than 100 injured when suicide bombers blew themselves up at three hotels in Amman, the capital of Jordan.
The hotels were popular with foreigners and many of the guests were involved in work in Iraq. The attacks destroyed the fragile calm that Jordan has enjoyed despite its proximity to Iraq and the support of its ruler, King Abdullah, for American and British policy in Iraq.
Major Bashir al-Da'aja, a police spokesman, said: "There were three terrorist attacks on the Grand Hyatt, Radisson SAS and Days Inn hotels and it is believed that the blasts were suicide bombings." Said Darwazeh, the health minister, said there were more than 50 dead but the toll could rise.
The Overseas Security Advisory Council (OSAC) now claims over 3,000 U.S. companies, educational institutions, religious groups, and non-governmental organizations as members known as constituents. Although OSAC is rarely in the limelight, the ways in which it helps American businesses fight terrorism abroad is unparalleled.
Is that a "Predator" taking off?
Mission
The MQ-1 Predator is a medium-altitude, long-endurance, remotely piloted aircraft. The MQ-1's primary mission is interdiction and conducting armed reconnaissance against critical, perishable targets. The MQ-1 Predator carries the Multi-spectral Targeting System with inherent AGM-114 Hellfire missile targeting capability and integrates electro-optical, infrared, laser designator and laser illuminator into a single sensor package. The aircraft can employ two laser-guided Hellfire anti-tank missiles with the MTS ball.
Tomorrow, in our second day of the OSAC briefing the room will be missing many of the constituent members as they begin the investigations and deploy new resources in the pursuit of justice.
operational risk
01 November 2005
Online Pharmaceutical Counterfeiting: The Digital Threat...
Pharma healthcare companies all over the globe are working hard to identify counterfeit drugs and to put these criminals out of business. This operational risk strategy saves countless lives each year. The first article in a series on counterfeiting at CSO Online misses a key focus on the Internet Channel of Distribution. In order to pursue this growing threat, organizations must consider the use of real professionals to deter, detect, defend and document effectively in order to have a comprehensive anti-counterfeiting program.
All of the forensic markers and post testing due diligence will not stem the tide of bogus pharma web sites selling counterfeit drugs. An effective corporate risk intelligence process combines both the low tech (HUMINT) sources and the high tech methods (DIGITAL SURVEILLANCE) from a single entity. Only then will the data fusion and correlation of information allow for a legal, competent and rapid interdiction of this lethal threat.
operational risk
The continuing growth of the Internet provides counterfeiters with ready access to unsuspecting consumers. Since goods purchased via the Internet are normally delivered through the conventional mail system, they frequently by-pass national regulations for the distribution of controlled goods.
The use of intelligent Internet surveillance with proprietary software, enables the detection of illicit distribution, trademark abuse, objectionable association and counterfeit activities, which can then be countered in a highly focused manner.
Authentix identifies client products on sale from suspect counterfeit sources, retrieves them anonymously and tests them for authenticity. In cases of minor misdemeanors they issue Cease & Desist letters for clients and monitor compliance. Where counterfeit or diverted product is retrieved, they support our clients through legal remediation by maintaining a documented chain of evidence.
All of the forensic markers and post testing due diligence will not stem the tide of bogus pharma web sites selling counterfeit drugs. An effective corporate risk intelligence process combines both the low tech (HUMINT) sources and the high tech methods (DIGITAL SURVEILLANCE) from a single entity. Only then will the data fusion and correlation of information allow for a legal, competent and rapid interdiction of this lethal threat.
Counterfeit medicines are a global scourge. The World Health Organization (WHO) estimates that as much as 10 percent of the half-trillion-dollar pharmaceutical market is counterfeit. In some developing countries, more than half of the drug supply may be fake. Every year, thousands die from ingesting fake medicines, many of which have been produced in squalid conditions using ingredients such as boric acid and highway paint.
operational risk
Subscribe to:
Comments (Atom)