Written by; Farhad Rahaman for The Institute of Risk Management South Africa (IRMSA)
In this modern-day, tech-savvy world, we would like to believe that we could never be fooled by a social engineering scam or phishing attempt! Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity via electronic communication. The reality is that it is easy to catch someone in this way. Here are some tips to look out for so that you do not become just another phishing statistic:
ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/
0 Comments
Authored by: Lindiwe Magobholi, IRMSA Risk Intelligence Committee Member Conflict of interest has been topical in the recent history with debacle of “state capture” involving audit firms and the likes, and not forgetting landmarks events such as Steinhoff, Old Mutual (Moyo debacle) etc. raising questions on the effectiveness of the governance structures existing within Corporate and Public Sector. Are they even there? Do they have the knowledge/skills or even have the necessary authority to effect the necessary change or are they fit & proper? In the past year, Board and Sub-committee members have increased their level of awareness and scrutiny to management reports and the levels of assurance that can be drawn from it. Similarly, professional bodies such as SAICA, IIA etc. have come under scrutiny on whether; - they can actually “bite” when a member has acted in a questionable manner; - whether there is a process to be followed in these eventualities and; - has the process stood the test of time or; - has a proven record of adding value to the organisation over time. Many organisations have policies in place on conflict interest that will address one of the following issues: - that conflicts of interest must be disclosed at the earliest point of detection. Generally, they’ll be a register where all the necessary information is recorded, the nature and monetary value. - that the concerned individual should not be involved in the decision-making process concerning the conflict. The definition of conflict of interest relates to the existence of a conflict (clash) between private interests and official responsibilities of person in a position of trust including family members and in external organisations, businesses and practices. These policies have been placed under serious scrutiny on their adequacy in preventing/managing conflicts of interest. So, the issue in many instances including the fall of entities such as Enron, is that there’s existing relationship between the conflicted parties and it “waters-down” the policies in place. The culture of stakeholder management exists in business where events like Golf days etc. are held to strengthen business relationship. These often set a different tone to that of conflict of interest as they create a relation of trust amongst stakeholders which underpins many important decisions in the business. I’m of the opinion that the existence of conflicts of interest is the genesis of the problem. Prevention is always better than cure. Professional bodies likewise, have reviewed their code of conducts and reverted to members to sign on an annual basis. Understandably so, the reputational risk on them is immense because the question remains that “is a professional membership a carrot or stick (or both) relationship? Is the benefit of professional membership balanced with the behavioural requirements? the systemic risk cannot be ignored. These recent events as seen in media reports have raised the questions that we`ve never had to deal with before simply because there were no delinquents or even if they there were there, they were few-and- far in between or didn’t hold any reputational risk whatsoever. It is normal business practice that senior positions are mostly based on networking relationships formed in and outside of the business environment. Some can be traced as far back as Primary School and therefore run very deep. They also provide a comfortable level of trust, an important element in business dealings. At this level of management, the character of an individual outweighs their competencies. Where the conflict concerns a person in a position of power, then the assurance providers come under extreme pressure not forgetting the impact on their careers. This is where the lines of assurance, be it Audit or Risk are side-lined one way or the other. The COSO framework of 2017 stressed that not only do risk professionals need to review the implementation of strategies but should be involved in its formulation and evaluate its appropriateness in light of the vision & mission of the entity. It is very easy to get side-tracked by a brilliant strategy, but does it speak to the heart of the entity? And so the same principle should apply here i.e. the risk of conflicting interests should not only be acknowledged but fully dissected by the risk professionals, the implications and depth thereof. Only then can the appropriate response be formulated. Business relationships exists purely for that i.e. business and not for personal gain. And so, where a conflict arises, the introspection point for the decision makers is primarily, should that situation exist in the first place? Secondly, is the exclusion of the conflicted member in the decision-making process translate to fact that their referent power, influence, existing relationships becomes absent in the minds of the decision-makers? And thus, can we really argue that they do not influence the decision? What happens with the outcome of the decision and the impact on the existing relationship? ENDS MEDIA CONTACT: Rosa-Mari Le Roux, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ The Institute of Risk Management South Africa (IRMSA) risk chat authored by: Nicky Downing
Cyber security is the process of protecting networks and devices from emerging risks and cyberattacks. The evolving nature of the digital landscape makes this potential threat critical to an organization, and information management has taken centre-stage as of late in terms of the potential risks associated with cyber security. A mature cybersecurity system has multiple layers of defence spread across the organisation, but many organisations fail to understand the serious compliance and risk management implications of cyber and information security. The ever-growing threat to the organisation that it poses in the pursuit of its overall business objectives and continuity cannot be understated, with an estimated 10 billion cybersecurity events (breached records) occurring in the last year. Cyber risk and compliance exposure, in the chaotic modern business world, is a complex mesh of vulnerabilities that crosses through different departments and functions within the business and its operations. The effect of a seemingly isolated information or cyber risk can soon become ubiquitous – causing trouble throughout all levels of the organisation. The Cost In the context of just GDPR, the momentum in increased fines culminated in the data protection authority of the United Kingdom announcing its intent to impose significant fines against two companies for violations of the EU GDPR. The ICO had decided to levy British Airways with a record £183.39 million (about R3.48 billion ZAR) fine for GDPR violations relating to a 2018 data breach. due to security failings, which exposed a half-million customers to data harvesting from a fraudulent site. The UK’s information commissioner topped off the breaking news by urging caution to organisations, warning that similar fines could be levied unless organisations better protect the personal information and data of customers. A day after the release of the fines levied against British Airways, it was released that Marriott International faces up to a $124 million fine (about R1.836 billion ZAR) for GDPR violations relating to a significant breach within its Starwood Hotels and Resorts subsidiary. The breach is said to have allegedly affected over 300 million customers and guests globally. Earlier this year, France’s CNIL (National Commission on Informatics and Liberty) announced a €50 million (about R956 million ZAR) fine levied against Google for failing to comply with the tough new privacy laws. Shortly after this had happened, a published report came out of Germany stating that authorities had levied 41 GDPR related fines to organizations who were not compliant as of this past January. These attacks, however, are not just left to the risk and compliance burdens of large corporations. According to an annual study calculating cybersecurity costs holistically, 43% of online attacks are now aimed at small businesses and only 14% are prepared to combat a cyber breach – highlighting the need for organisations of all sizes to make cybersecurity a top priority. The consequences for small businesses in the case of a cyber incident is estimated to cost on average $200,000.00, (nearly R3 million ZAR) threatening to potentially put 60% of small businesses out of business, or at least put the organisation in a financially dire situation. The Aftermath An effective cyber-breach can cause serious structural damage to your organisation. The affects can range from reputational damage hurting consumer trust in your organisation, to compliance and financial affects that have serious implications on your organisation’s bottom line. The impact of a cybersecurity breach can be split up into three categories: Financial. Cyber-attacks often result in substantial financial loss. Not only has corporate information likely been stolen (and possibly even financial information e.g. card and/or banking details), but the organisation will also generally incur costs associated with improving and repairing the affected networks and systems. Recent experience with new data privacy laws, such as GDPR, tells us that there is a serious financial cost to non-compliance within cybersecurity and data protection. Reputational. Trust is an essential element of building understanding within an organisation and its clientele. A cyber-breach can cause serious damage to your organisation’s reputation and erode the trust your customers have in you. This could, as a result, potentially lead to loss of customers, lower sales numbers, and, in turn, a reduction in profits. The possible effects can even have serious implications on any partners, investors, and third-parties with a vested interest in your organisation. Compliance. Data protection and privacy laws require you to manage the security of all personal data you hold - whether on your staff or your customers. If this data is accidentally or deliberately compromised, and you have failed to deploy appropriate security measures, you may face fines and regulatory sanctions. Compliance The challenges of personal data protection/privacy are growing as organisation’s not only have to respond to the EU GDPR, but also to California’s Consumer Protection Act (CCPA), New York Privacy Act (NYPA), South Africa’s Protection of Personal Information Act (POPIA), and more. Although your organisation might not be headquartered in the jurisdiction of any of these laws, companies with a local operational presence in the EU or with an offering that is being directed to the EU, are subject to the GDPR’s territorial or extraterritorial reach. Consequently, such companies must work on complying with GDPR requirements. These companies have been required to comply with global data protection policies which have been adopted by their global management, effectively requiring them to comply with many material aspects of GDPR. It is becoming increasingly clear that this growing list of data protection and information management legislation presents a massive risk and compliance obstacle for organisations. Closing Thoughts Organisations cannot rely on only managing and continuously monitoring cybersecurity. Unless this monitoring and management is part of an integrated strategy that approaches information security, risk and compliance from a holistic lens, the organisation’s actions won’t be truly effective and fall short of meeting international standards. The full scale of vulnerabilities and requirements that weigh down information and cybersecurity must be addressed in a standardised and well-established information management and cyber security architecture. ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ Authored by: Volker von Widdern, The Institute of Risk Management South Africa (IRMSA) Risk Intelligence Committee Member
It is possible that the increasing prevalence of diabetes in South Africa may become an even greater challenge than the HIV epidemic. The development of anti-retro viral clinical responses to HIV have substantially reduced exposure to HIV, but it does not appear that similar clinical advances can be achieved in the next 10 years to mitigate the impacts of diabetes. Since human resources are usually the highest priority and cost factor in most organisations, the consequential impact of diabetes on the productivity and development or retention of intellectual property, will face significant risks. The increasing prevalence of diabetes in South Africa is unfortunately another outcome of the high levels of polarisation in our population. Eating patterns and increasing urbanisation are accelerating the prevalence of diabetes, and these social drivers are a reflection of our high levels of unemployment. Should employers invest in strategies that reduce employee exposure to diabetes? It can be argued that such investments have no reliable return because employees can easily move to other businesses. However, it is also true that well aligned and productive employees are by far the most differentiated source of company performance. What could the scenarios be if no investment is made in reducing the prevalence of diabetes? It is then likely that employee turnover will increase and there will be an artificial demand for employees that have less risk or exposure to diabetes. There are several research articles that demonstrate the sharp increase and high prevalence of diabetes in SA, and one example from which a short extract is shown below, is: The prevalence of type 2 diabetes in South Africa: a systematic review protocol Carmen Pheiffer, Victoria Pillay-van Wyk, Jané D Joubert, Naomi Levitt, Mweete D Nglazi, Debbie Bradshaw “The prevalence of diabetes is rapidly increasing in South Africa. In 2009, approximately 2 million (9%) people aged 30 years and older had diabetes, increasing almost twofold since 2000 when Bradshaw et al reported a prevalence of 5.5%. Several factors such as the ageing population, economic transition and urbanisation associated with nutrition transition and obesity have contributed to the increased diabetes prevalence. In 2000, it was estimated that 87% of diabetes cases in South Africa were attributed to excess body weight. This is concerning since in 2013 ~38% of men and ~69% of women in South Africa were considered overweight or obese. In 2015, the global burden of disease study estimated that high body mass index and hyperglycaemia, ranked as the second and third leading risk factors, respectively, after unsafe sex, for early death and disability in South Africa. Diabetes, due to its association with several microvascular and macrovascular complications, places a significant burden on the South African health system. In 2009, it was estimated that diabetes caused about 8000 new cases of blindness and 2000 new cases of amputations annually. A national burden of disease study in 2000 reported that diabetes accounted for approximately 14% of cases of ischaemic heart disease, 10% of stroke, 12% of hypertensive disease and 12% of renal disease. Furthermore, the indirect costs of diabetes are high. Diabetes in Africa affect mainly working-aged people between 40 and 60 years of age placing an added burden on the economy due to work absenteeism and decreased productivity. South Africa is battling a quadruple burden of disease due to high rates of infectious diseases, non-communicable disease, maternal and child mortality, and injury-related disorders, thus have limited resources to meet the increased health and economic costs of diabetes.” ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ Authored by: Sidney Mongala, CRM Prac Member at The Institute of Risk Management South Africa (IRMSA)
The way we do business today is 1000 times advanced than it was done in the last millennium, 100 times advanced than was done in the last century and 10 times advanced than was done in the last decade.This is an indication of how rapid life changes. The more our lives are advancing, the more the need for advanced ways of doing things, the more complex the risk environment evolves. This is therefore the driver of future business successes and determinant of future business traits and trends. As futurists and trend analysts project the future ahead, businesses should likewise be positioned for the advanced and sophisticated ways of doing business. Future Chief Risk Officers (CRO) should thus not be left behind but partner with businesses in crafting future fit business models and strategies. Thus competing with AI and Robotics in this 4IR era which might lead to diminishing credibility and relevance of human intervention and interface. The way we do business has changed such that we don’t use much physical money anymore to do business as we venture into this 4IR era. Cryptocurrencies are here to disrupt the old way of transacting and they are the future waves of doing business. Likewise CROs should continue evolving the way they are doing things and improving their competencies to feed the new waves of doing business and be able with reasonable certainty to advice businesses to be competitive and business savvy to capture the rapidly changing 4IR market share. With these advancements in the way business is done these days, surely I can safely say disappearing are the days of our lives wherein CROs:
Future CROs therefore need to position themselves to be business partners and advisers on business strategies, operations and decisions on the go; “Just In Time (JIT) Risk Management Advisory System and Processes”. The CROs of the future should therefore possess the following traits:
The future CROs should be engaged in every discussions, planning, decisions, projects, etc. for growth in business and/or service delivery. Future CROs should be future risk visionaries of businesses and be able to advice of the future fit business strategies, decisions and plans in the 4IR wave of doing business. Although future CROs are not expected to be “Drs Of All Problems and Mr/Ms/Mrs Know It All”, future CROs should be able to know where the business is going and be able to advice throughout the business journey. The future CROs should be the library of risks and opportunities required to build future proof strategies for successful, growing and service delivery savvy businesses. Like Artificial Intelligence (AI) and 4th Industrial Revolution, future CROs should:
This means that businesses should understand and put risk management as part and parcel of everything they do lest they fall on a double sharp-edged sword that cut the throats of big businesses such as Bearings Bank, Washington Mutual Bank, VBS Mutual Bank, WorldCom, Enron, Lehman Brothers, Arthur Andersen, etc. A lot of businesses that are not fine-tuning to the new wave of doing business will suffer the consequences of business intelligence risks such as AI and 4IR in the next ten to fifty years. These include mostly the labour intensive businesses, ICT businesses that have heavily invested in old ICT Infrastructure, Financial Institutions that are in denial of the arrival of the cryptocurrencies and other disruptive technologies, and so forth. Likewise, to have future CROs that are equivalent to the old technology and are stuck in the old and safe way of doing business will not survive the use of rapidly evolving and competitive 4IR era of Robotics, AI, Big Data, IoT, etc. This will be like running a financial institution wherein people queue for cash withdrawals and deposits in this era of EFTs, Banking Apps, Smart Banking, Cradles Transacting, cryptocurrency, virtual banking, etc. These kinds of future CROs will fall with their business ideas and may find it very difficult to fit anywhere in the future wave of doing business. Another key question to be answered is “how prepared and advanced will our education system be to ensure that future CROs are relevant and fit into the rapidly changing business environment”. How will the bridge between our education system and the future wave of doing business be closed in order to supply the business world with the bright minds for future fit CROs. How prepared and adaptable is the education system to fit the future way of doing business and thus bridging the gap between the demand and the supply for future fit CROs, risk managers and assurance providers. Let me leave you by saying “If we don’t take care of the future, the future will take care of us and we will suffer the consequences”. ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ Authored by: Andrew Pike, Fellow of the Institute of Risk Management South Africa (IRMSA)
In August 1991, excited holiday-makers boarded the Oceanos, a Greek-owned passenger vessel, at East London for the trip of a lifetime. Despite a raging storm, the Captain ordered the ship to set sail for Durban. Hurricane force winds and giant rogue waves battered the ship. About 4 hours after she had set sail and when she was a couple of miles off a remote stretch of the Transkei coast, the auxiliary engine room was breached and the ship started taking huge volumes of water. Panicking senior crew members scrambled into lifeboats, leaving the ship’s evacuation to on-board entertainers and crew staff. Women and children clambered aboard life boats which were then launched into the monstrous seas, but eventually all operational or launch-able life boats had been used and 221 passengers were left stranded aboard the sinking ship. The South African Air Force, in cooperation with the Navy, then launched its biggest rescue operation in history to airlift passengers off the stricken vessel, battling 70 knot winds and waves in excess of 20 meters. Passengers who had been evacuated in life boats were eventually all picked up by merchant ships and fishing vessels in the area. The airlifted passengers were removed from the ship and taken to a local hotel about 2 to 3 miles away from the ship. During the helicopter airlift, the Captain of the ship also deserted all of the passengers and remaining crew, thus leaving the ship completely in the hands of civilians and junior crew members. Eventually, about an hour before the ship sank and 17 hours after the drama started, all passengers had been safely evacuated. It was against all odds that no one perished in the disaster. Stories abound of heroism, cowardice, commitment and the emergency response of all involved. However, the reality is that the Department of Transport itself had never planned for a disaster on this scale and certainly no one in South Africa had ever given any thought to the possibility of a passenger ship sinking. This was the materialization of a risk on such a grand scale in maritime terms that it was never in any one’s contemplation and, had risk management been the art form then that it is nowadays, a sinking passenger liner would probably not have been on any one’s risk register. And yet, despite mountainous seas, a cowardly crew, a shortage of life boats and everything else, South Africa pulled together and effected what was arguably the most successful maritime rescue in history. Nowadays, with a keener sense of risk identification, most major organizations have some level of preparation in respect of most risks. But what do we do about the risks which were just never seen coming? Given the current accelerated pace of technological growth, climate change, uncertain financial markets and the like, it seems inevitable that at some stage most organizations are going to be faced with a risk they hadn’t thought about. For me, the common thread running through the Oceanos rescue was a combination of the following factors which made the rescue the success that it was: People and skills:
In conclusion, whilst Risk Registers and Risk Identification are becoming more sophisticated, it is likely that, as things change, organizations will not be able to anticipate and prepare for every risk. However, if the basics and essentials are in place, what organizations will do is build sufficient resilience to address the disasters which may befall them. ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ Authored by: Christopher Palm, Chief Risk Advisor, Institute of Risk Management South Africa
The top risk in South Africa is structurally high unemployment; followed by growing income disparity and inequality, according to the 2019 IRMSA Risk Report. Stats SA says unemployment in the first quarter of 2019 increased by 0,5 of a percentage point, bringing the rate to 27,6%. The burden of unemployment is concentrated amongst the youth between the age of 15 and 34 years. Almost 4 in every 10 young people in the labour force do not have a job. The IRMSA report creates awareness of the risks facing the achievement of the South African country and industry objectives. More than 85 experts in their fields provided opinions and profound insights for each of the top ten risks facing the country and industry. In the IRMSA report VoxCroft Analytics specifically expressed concern that the growing disillusionment among the youth of South Africa could lead to a youth-driven protest movement, on a much larger scale than the student protest movement. Such a movement, if led and supported by other population groups in the country, would hold a particular challenge for the general political stability of the country. Nerine Kahn, CEO at Employment Relations Exchange, says unemployment is possibly the highest risk to the achievement of any or all of the National Development Plan’s (NDP) objectives. The NDP goals are targeted towards developing certain aspects of the economy, but require very significant skills and education levels. IRMSA recognises the NDP as the legitimate summation of the joint goals of government and private sector; to work towards a shared and prosperous future for the country and its people. Graeme Codrington, founding director of strategic insights firm, TomorrowToday, says South Africa is seemingly just limping along with not much changing, and yet, under the surface some significant shifts are taking place. The impact of fraud and corruption and State failure has shifted down the risk-list. It is now in the fourth place. In 2017 it was top of the list, and last year it was the second biggest risk facing the country. This reflects the ending of the Zuma-era; a decade that will be blight on the nation for some time to come. Last year saw the beginnings of a collective resolve to reverse the damage. Difficult decisions were made, such as raising the VAT rate with one percentage points, replacing the boards of key State-Owned Enterprises, dropping the nuclear deal and tackling the land issue. South Africa has a robust economy and currency (relative, at least, to our peer group which include countries such as Turkey, Argentina, Thailand, Indonesia, Mexico, Egypt and Nigeria). It has a stronger government than we have had for years. We are not where we want to be, but we are a long way ahead of where we once were. The first few years of the 2020s will see a more resolute approach to solving the land issue. We have no future as a country if a vast majority of its citizens remain locked in endemic poverty and landlessness. The ANC has pledged to deal with the land issue lawfully, carefully and without damaging the country’s economy. Small groups, with their own particular agendas, are using fear-mongering tactics along with “sophisticated psychological techniques” and the manipulation of social media, to sow seeds of fear, discord and enmity between ordinary South Africans. Business and individuals must get involved in solving the major issues that currently lock people out of their futures, especially education, employment and healthcare. Trevor Channing, head of governance and risk at the Chemical Industries Education and Training Authority (CHIETA), is of the view that South Africa’s second biggest risk - growing income disparity and inequality - will threaten the majority of the six priorities in the NDP. It will have a direct impact on our social cohesion, strengthening our democracy, citizenry and functioning as a capable and developmental state. The country now needs ethical political leadership for sustainable foreign investments, and an end to wasteful expenditure for resources to be applied in ways that will stimulate economic growth. The country needs all sectors of society to create a united front against the national issues that are holding us back. South Africa top 10 overall risks
ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ Authored by: Jessica Knight, IRMSA Risk Intelligence Committee Member
The Fourth Industrial Revolution brings with it a fundamental shift in how we do business. Advances in technology and the increasing digitisation of many roles means that the conventional brick-and-mortar business model is quickly shifting towards a hybrid model of an international corporation with nuances of the exponentially popular gig economy. This hybrid is regularly defined by decentralised operations and autonomous employees. In this ever-transforming landscape, a key consideration for organisations is how to take advantage of the global marketplace to source top talent, through the use of digital nomads. Digital nomads are remote workers who typically travel to different locations while still fulfilling their professional obligations. They often work in coffee shops, co-working spaces, or public libraries, relying on devices with wireless internet capabilities like smartphones and mobile hotspots to do their work on the move. The average digital nomad is a Millennial between the ages of 22-35 who is tech-savvy and in hot pursuit of the optimal work-life balance. Rethink Productivity Measurement The rise of digital nomadism is causing companies to re-evaluate the traditional model of measuring productivity. Companies that are preoccupied with time spent working - as opposed to deliverables or results and the quality thereof - are focused on the wrong unit of measure. The number of hours a person works rarely equates to their productivity or achieved results. In a factory system you can achieve economies of scale through allocating and automating tasks that run on a time basis and can measure the cost/yield per hour of production. People are not machines and you cannot achieve the same utility by treating them as such, so why do we continue to use elements of the factory system in how we manage and govern businesses? Productivity and efficiency in humans should not be measured off the basis of hours worked. There is an ebb and flow that needs to be considered, differentiating human and machine elements. Enter the digital nomad, a role focused on results as "hours worked" becomes an almost ungovernable aspect of operations. The appeal of the 40 - 50 plus hours per week spent in a cubicle environment is dwindling in the face of defining your own operational environment through digital nomadism. Not all trends are relevant The integration of digital nomadism is not necessarily suitable to every organisation as it poses new risks stemming from hybrid business models, decentralisation and technological reliance. This refined form of freelancing is often ambiguous, lacks structure and is constantly adapting. Defining and managing your company’s risk becomes tricky when your workforce does not sit in the same place and operate using standardised methods. Controlling roles and responsibilities from a distance becomes a challenge when your team cannot be easily monitored. A business should be able to achieve the same or better results when considering the adoption of the digital nomad trend. Not all trends are relevant so adoption should always align to business objectives before pop-culture imperatives. The crux of governing digital nomads of the future is not to try and replicate a conventional business model for remote work, but rather to completely re-evaluate what a successful operational environment should look like. There are many metrics to gauge business success, but operational success - a holistic success factor for employees, their environment and the work that they do - is traditionally measured through a mishmash KPI structure with the occasional employee happiness/satisfaction survey sprinkled in-between. A company can still achieve good results with “sufficiently happy” or even unhappy employees. Effectively measuring and monitoring operations is not always a priority when the business is making money, but employee wellbeing is often the first to suffer when the business is not. Digital nomadism is an opportunity to completely overhaul this model of “average-at-best” operations by empowering employees with the ability to define their own operational environment. Making a success of digital nomadism requires providing employees with the autonomy to determine their working hours - companies must remain cognisant that not all employees perform best from 9am to 5pm, nor do all employees require 8 hours to execute the tasks expected of them. Further to this, productivity is likely to increase when employees are working in environments that make them work most efficiently. Leveraging the right technology for your business and maximising your human capital in the right way can be the difference between success and failure of the digital endeavour. Things to consider:
MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ In the run-up to the important national elections in May this year, people were hopeful and desperately anticipating a change in the leadership of the country.
Everybody knew that this election was such an important time for all South Africans, fully aware of the implications for the country and hoping for certain outcomes so that the business landscape would remain secure and bring positive growth, put a stop to the pervasive fraud and corruption and most importantly, create jobs! Several months later things are still unfolding and developing, with uncertainty creating new risks and opportunities. “We need political stability in the country as it is affecting the economy. There are big issues to concern ourselves with such as stopping the mismanagement of public funds, reducing unemployment, and especially youth unemployment,” says Gillian le Cordeur, CEO of the Institute of Risk Management South Africa (IRMSA). The results of Stats SA’s Quarterly Labour Force Survey for the second quarter of 2019 indicate that the official unemployment rate increased to 29%, up from 27.6% in the first quarter. The country now has 6.7 million unemployed people. Stability and confidence “We need confidence in our leaders. Stability is key for us to move forward,” says Le Cordeur. She says the internal political struggles within the country’s local, provincial and national leadership are eroding the stability and confidence needed in South Africa from its citizens and international community alike. Adding to this, is the uncertainty around land reform weighing heavily on business leaders, investors and risk professionals and whether or not it will be dealt with responsibly. “We need to be thinking ahead and to have a strategic purpose for what our country and our organisations need.” It is IRMSA’s conviction that the country needs stronger risk professionals and stronger private and public sector leaders to be able to make the right strategic moves as we head into the future. Risk professionals that are able to reflect on the political and economic factors right now and how they could potentially play out in the next few months and how we need to prepare our organisations. To be on the forefront of informing decision making and enabling transformation - not only within our organisations but in the country as well. Corporate governance and ethics Le Cordeur adds that as much as IRMSA is concerned about the political and economic landscape they are also concerned about corporate governance and ethics. There have been too many corporate failures in recent times. On top of that South Africans are being swamped with reports of corruption and state capture. It is all very well to wait for this landscape to change from a political point of view, but at the same time the foundation of our society remains weak. “As risk professionals and business leaders we must make sure that our house is in order so that there can be no finger-pointing. It will be such a pity that you could not make an impact, because your house was not in order.” Post-election landscape IRMSA will be tackling pressing issues during its post-election event in Johannesburg later this month (August). Christopher Palm, Chief Risk Advisor at IRMSA says that linking risk to strategy, applying a systems-thinking approach to risk management and making sure that risk influences decision making through the development of predictive capabilities are critical success factors to build robust alternative futures over the short, medium and long term landscapes for South Africa and South African business. “Once you know how the landscape will unfold in the next few years, you are able to align your own activities and strategies to be able to deal with those risks,” says Le Cordeur. “We need to pull everything together to act pro-actively on the risks facing us on all fronts.” ENDS MEDIA CONTACT: Rosa-Mari, 060 9956277,rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ Authored by: John Linden, IRMSA Risk Intelligence Committee Member
At any given moment, there are about 1.2 million people on board 9 700 aircrafts travelling to destinations worldwide, for business or leisure. Part of the ‘global economy phenomenon’ is the reality that international business travel is unavoidable, particularly as businesses establish operations in foreign markets. This is however good for us. It means greater opportunities, long-term market growth, access to new talent and diversification. The World Economic Forum refers to this as flexible work and regards it as, “one of the biggest drivers of transformation.” To maintain a competitive advantage and to foster foreign investment opportunities, we need to compete at this level. The life of the business jetsetter is interesting and rewarding, but it is also physically and psychologically demanding. The landscape has changed over the last decade and the modern traveler faces unique challenges as acknowledged in the opening remark of the executive summary for the Global Risk Report 2019 (14th Edition): “Is the world sleepwalking into a crisis? Risks are intensifying but the collective will to tackle them is lacking.” What are travel risks? To be frank, no matter where our business Travelers direct their gaze, they will face risk. The global economy, unpredictable schedule changes, exposure to infectious diseases, adverse weather patterns, new technologies, country-specific compliance regulations, the global crack-down on tax evasion, the ever-changing security landscape, political unrest and communication across different language barriers. These trials test them emotionally, psychologically and behaviorally. Business Travelers become targets by the very nature of their being in a foreign land in possession of valuables, and often with little experience of the customs and security landscape of their temporary host country. We need to protect against our business Travelers being injured, or even becoming the victim of a kidnapping for ransom or worse. What causes these risks? Corporate ethos tends to focus more on business and less on the human aspect. As a result, unintentionally, companies sometimes neglect their Duty of Care by not embracing an organised programme to brief and train employees prior to international travel. Furthermore, formal policies and guidelines, particularly as relates to restricted travel during security alerts, may not be in place to regulate trips. If we are honest, business Travelers rarely take the initiative to familiarise themselves with prospective travel destinations, the security situation, customs and cultures. This leads to unnecessary stress and even to avoidable incidents. Business Travelers who frequently travel to particular destinations, also tend to become complacent and resist security updates believing that they are familiar with any potential threat. Another issue is lack of reporting of incidents. Travelers involved in incidents may experience embarrassment or may fear disciplinary action due to negligence. How to respond to travel risks? Businesses with global operations should invest in a travel management programme administered by a travel security specialist. This portfolio would be responsible to implement policies and practices governing travel security and ensure that the business takes accountability and acknowledges its Duty of Care. The onus is however not exclusively on the business. Travelers should also empower themselves through knowledge and awareness as, ultimately, being responsible for your personal and professional safety can only count in your favor. Things to consider:
MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ |
Welcome to the IRMSA Newsroom
Archives
December 2020
Categories
All
|