ALEXANDRIA CITY PUBLIC SCHOOLS Applying Risk Management Consulting

Slides:



Advertisements
Similar presentations
Board Governance: A Key to Quality Organizations
Advertisements

Auditing Concepts.
© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.
LOSS PREVENTION & RISK MANAGEMENT PROGRAM Loss Prevention Program A loss prevention program is helpful to promote the organization safe along with create.
January 2005 ETHICS, COMPLIANCE & CORRUPTION PREVENTION correctional services Department of Correctional Services REPUBLIC OF SOUTH AFRICA Creating an.
Making the Strategy Happen May21972 Organizational A Change in Action BADM
Risk Management for Technology Projects Geography 463 : GIS Workshop May
Enterprise Risk Management Chapter One Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc
CHANGE READINESS ASSESSMENT Measuring stakeholder engagement and attitude to change.
Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.
CMGT 400 Entire Course CMGT 400 Week 1 DQ 1  CMGT 400 Week 1 Individual Assignment Risky Situation  CMGT 400 Week 1 Team Assignment Kudler Fine Foods.
SEC 310 Entire Course For more classes visit SEC 310 Week 1 Goals and Objectives For a Security Organization Paper SEC 310 Week 1.
Phase-1: Prepare for the Change Why stepping back and preparing for the change is so important to successful adoption: Uniform and effective change adoption.
For more course tutorials visit
CMGT 400 GUIDE Real Success CMGT 400 Entire Course FOR MORE CLASSES VISIT CMGT 400 Week 1 Individual Assignment Risky Situation CMGT.
For More Best A+ Tutorials CMGT 400 Entire Courses (UOP Course) CMGT 400 Week 1 DQ 1 (UOP Course)  CMGT 400 Week 1 Individual Assignments.
CMGT 430 Week 2 Individual Applying Risk Management Consulting Check this A+ tutorial guideline at Week-2-Individual-Applying-Risk-Management-
1.5 Entrepreneurs and leaders Role of an entrepreneur
Security Development Lifecycle (SDL) Overview
Rights and responsibilities of providers and individuals
Auditing Concepts.
Board Roles & Responsibilities
Introduction to The Rational IT Model
MGMT 452 Corporate Social Responsibility
Software Risk Management
Workplace Projects.
Update from the Faster Payments Task Force
School of Economics Shanghai University
MGMT 452 Corporate Social Responsibility
Organisation Control KPI’s & an industry Review
1.5 Entrepreneurs and leaders Role of an entrepreneur
Managing Organizational Change and Development
MGT 498 TUTORIAL Success trials - mgt498tutorial.com
With current ethical challenges, is it safe to say Risk Management processes are responsive to an accountable government? CIGFARO- AUDIT &RISK INDABA.
Building the foundations for innovation
Risk Management for Technology Projects
SEC 310 Competitive Success/snaptutorial.com
MGT 498 Education for Service-- snaptutorial.com.
MGT 498 EDU Lessons in Excellence-- mgt498edu.com.
MGT 498 TUTORIAL Lessons in Excellence -- mgt498tutorial.com.
SEC 310 Education for Service/snaptutorial.com
MGT 498 Education for Service-- snaptutorial.com
MGT 498 TUTORIAL Education for Service--mgt498tutorial.com.
CMGT 400 Education for Service-- tutorialrank.com
MGT 498 Teaching Effectively-- snaptutorial.com
Vision Facilitation Template
Post-Merger Integration
Strengthening our Commitment to Accountability to Beneficiaries
Strengthening our Commitment to Accountability to Beneficiaries
Conflict Management November 2017
Why ISO 27001? Subtitle or presenter
The Organizational Context
Unit 1.6 Systems security Lesson 2
Cybersecurity Special Public Meeting/Commission Workshop for Natural Gas Utilities September 27, 2018.
Information Security Risk Management
Strengthening our Commitment to Accountability to Beneficiaries
Why ISO 27001? MARIANNE ENGELBRECHT
ISO/IEC BRIEFING..
The control environment
Presentation to - Management Team Javier Garza, HRM B-02
HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.
Urban Engineers ISO 9001:2015 General Overview
How An Organization Influences Ethical Decision-Making
Portfolio, Programme and Project
Working SMART How Leaders can Align Attendance with School Goals, Structures and Functions Welcome - Introductions Name of the session – We all know that.
Customer Empowerment Working Group
Introduction to Projects
Safety Culture Peter Jacobsson Environment, Safety & Health
IS-907 – Active Shooter: What You Can Do
RESPONDING TO STUDENT VOICE: PRINCIPLES OF PRACTICE
Presentation transcript:

ALEXANDRIA CITY PUBLIC SCHOOLS Applying Risk Management Consulting CMGT 430 Walter B Williams Jr January 17, 2017 Professor Thomas Maricle

Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings. A risk management plan increasingly includes companies' processes for identifying and controlling threats to its digital assets, including proprietary corporate data, a customer's personally identifiable information and intellectual property. What is it?

Topics of Discussion Describe how the organization can apply risk management principles in its efforts to secure their systems. Outline how protection efforts will vary over time. Include three different example sets, each with a vulnerability, related risk, and way to mitigate (control) that item.

Principles of Risk Management Organizational Context Involvement of Stakeholders Organizational Objectives Reporting Roles and Responsibilities Support Structure Early Warning Indicators Review Cycle Not all of these Risk Management Principles may apply to the Alexandria City Public Schools setup, but we will touch on them briefly just to familiarize you with them. Organizational Context: Every organization is affected to varying degrees by various factors in its environment (Political, Social, Legal, and Technological, Societal etc). For example, an organization may be immune to change in import duty whereas a different organization operating in the same industry and environment may be at a severe risk. There are also marked differences in communication channels, internal culture and risk management procedures. The risk management should therefore be able to add value and be an integral part of the organizational process. Involvement of Stakeholders: The risk management process should involve the stakeholders at each and every step of decision making. They should remain aware of even the smallest decision made. It is further in the interest of the organization to understand the role the stakeholders can play at each step. Organizational Objectives: When dealing with a risk it is important to keep the organizational objectives in mind. The risk management process should explicitly address the uncertainty. This calls for being systematic and structured and keeping the big picture in mind. Reporting: In risk management communication is the key. The authenticity of the information has to be ascertained. Decisions should be made on best available information and there should be transparency and visibility regarding the same. Roles and Responsibilities: Risk Management has to be transparent and inclusive. It should take into account the human factors and ensure that each one knows it roles at each stage of the risk management process. Support Structure: Support structure underlines the importance of the risk management team. The team members have to be dynamic, diligent and responsive to change. Each and every member should understand his intervention at each stage of the project management lifecycle. Early Warning Indicators: Keep track of early signs of a risk translating into an active problem. This is achieved through continual communication by one and all at each level. It is also important to enable and empower each to deal with the threat at his/her level. Review Cycle: Keep evaluating inputs at each step of the risk management process - Identify, assess, respond and review. The observations are markedly different in each cycle. Identify reasonable interventions and remove unnecessary ones. Supportive Culture: Brainstorm and enable a culture of questioning, discussing. This will motivate people to participate more. Continual Improvement: Be capable of improving and enhancing your risk management strategies and tactics. Use your learning’s to access the way you look at and manage ongoing risk. Supportive Culture Continual Improvement

Describe how the organization can apply risk management principles in its efforts to secure their systems. Communication within the organization is the biggest factor in order for the principles of Risk Management to work properly. If you see something, say something is just as important here as it is everywhere else. Otherwise, people will continue what they are doing and eventually personnel files and monies will be lost. Example will be given in the up coming slides.

Outline how protection efforts will vary overtime. Three of the principles of risk management will come into play; reporting, early warning indicators and continual improvement in the organization. Reporting: That comes from the employees of Alexandria City Public Schools. If you see someone punching in for someone else or using the copier machine with someone elses access card, it needs to be reported. Early warning indicators: For the punch in, Human Resources will have to review the punch in sheets on a daily basis. Continual Improvement: Teach everyone the risks of preventing unauthorized punch ins, unauthorized use of the copier machine

Include three different example sets, each with a vulnerability, related risk, and way to mitigate (control) that item. Time Clock Clocking someone else in Use of finger print reader Time Clock: Clocking someone else in because they are running late to work. That is stealing time from the school system. Even worse is when the person just does not show up at all. Eventually they will get caught. Time Clock: It can be used to request for time off or vacation time. If you captures someone else password and you have a grudge against them, you can really ruin their day by punching in and mess up their personal and sick leave time. Copier Machine: Football pools are popular at work. You put them together and then you have to make copies. You do not want to use your paper, so you find the office staffs access card and you make copies of the football sheets and everyone is happy except the supply clerk who has to order more boxes of copier paper than needed. Add a password with the use of the access card and you will satisfy the use of the copier machine. Time Clock Inputting leave and time off Use of finger print for someone else reader Copier Using staff members access Use of access card card and password

References Principles of Risk Management. (2017). Retrieved from http://www.managementstudyguide.com/principles-of-risk- management.htm Alexandria City Public Schools. (2017). Retrieved from http://www.acps.k12.va.us/

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.