How do you communicate the importance of a strong risk mitigation strategy? It's easy to talk about fixing things after they've broken, but how do you showcase the value of preventing things from breaking in the first place? Do you quantify the cost avoidance, for example?

Governance, Risk & Compliance Risk Management

240 views2 Comments

Sort by:

Director, Enterprise Architecture in Services (non-Government)4 months ago

I would start by explaining the obvious, that we are used to a classical approach to risk mitigation where the risks are driven by people rather than what is happening now where risks are going to be increasingly driven by agentic AI.

If the modern LLMs are good at anything it is in finding things that are connected that other examiners have missed. Risk mitigation is becoming an area that must be the most creative aspect of cybersecurity because of the way hackers are leveraging models to probe defenses, iteratively and in an automated fashion with absolutely zero fear of downside - which will lead them to look for "any" angle rather than angles deemed the most lucrative.

Sr. Director of P2P in Software4 months ago

Anyone with a simple way to quantify risk with a monetary value, please share.

Content you might like

Seasoned supply chain leaders-- when you step into a new role, how do you prevent becoming overly reliant on past experience and stay alert to new or emerging risks?

What methods or strategies do you use to empower your employees to take ownership of decision-making at the frontline-- especially during unexpected disruptions?

How do you manage risk with contractors in your supply chain?

Keep hard copies and file paperwork13%

Update spreadsheets to create reports44%

Use a digital supply chain management solution27%

Partner with a third-party vendor11%

Other (comment below)3%

View Results

Are there any key learnings or best practices to start with when diving deeper into risk resiliency and supply continuity? We are currently looking to create risk profiles or scores for our suppliers to help us prioritize our work with our suppliers and also to support good sourcing decisions. What are the most important areas of risk to integrate first? Any key pitfalls that we should be mindful of?

Does your supply chain organization have a formalized risk appetite statement?

Yes47%

No34%

Not sure18%