Archive for 'Organizational resilience and business continuity/conti'
July 25th, 2016. Published under Intangibles as strategic assets, Managing intangible assets, Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly July 25, 2016 ‘A business blog where attention span really matters’!
The word ‘multiplier’, as I have observed its application, has been primarily in military – combat contexts as force multipliers. Observation and strike capable drones for example, are force multipliers because of the operational – observational advantages they provide to various military units needing real time intelligence and possibly offensive action.
However, on the business side, as an IA (intangible asset) strategist and risk specialist, I consider a company’s IA’s as representing a distinctive form/context of business multipliers. Throughout the private sector, IA’s, originate in – arise from valuable intellectual, structural, relationship, and competitive capital or, IA’s.
Preferably, business c-suites and their management teams recognize how IA’s translate, convert, or monetize as competitive tactics, processes, and/or commodities to (collectively – collaboratively) ‘multiply’ – contribute to the effectiveness, efficiency, output, revenue, and/or value of a particular operating group, project, or process.
Either way, when IA’s are acknowledged and effectively integrated in a particular initiative, project, or even organization-wide, they can, and frequently do, favorably impact efficiency, effectiveness, and productivity, which translates as value, sources of revenue, and competitiveness, that otherwise may not have been acknowledged. That’s particularly evident in business environments in which there is little or no receptivity to IA’s either in terms of their usefulness, accounting, internal development, external acquisition, or maturation – conversion often due to a misperception that doing so would disrupt the status quo or create new risk.
IA-based multipliers, also refer to attributes or combinations of competitive inputs which again, often manifest most favorably when collectively-collaboratively drawn from existing intellectual, structural, relationship, and competitive capital. A general example where this has occurred is the package delivery sector as most firms recognized the obvious efficiencies which could accrue by integrating – coordinating both GPS (global positioning) and RFID (radio frequency identification) technologies which converted to growth in value, competitive advantage, and revenue generation capability. Standing alone, both GPS and RFID are tangible-physical assets (technologies), but the intellectual, relationship, structural, and competitive capital which together recognized – linked their application to the global package delivery sector should not be dismissed.
In this instance, GPS and RFID deliverables largely manifest as contributory and competitive IA’s that facilitate-enable the package delivery sector to receive, process, sort, and deliver substantially more orders and packages more efficiently compared to competitors that have yet to incorporate those multipliers.
For those operationally familiar with IA’s, i.e., their origins, development, and integration, in most instances, can (and should) also be leveraged – exploited as, among other things, value proposition multipliers, which in turn, confer credibility and rationale to capital outlays to pursue, purchase, and integrate the multipliers, ala GPS and RFID systems, while recognizing the various IA’s such multipliers produce and strengthen.
So, as more operational clarity is brought to IA’s contributory role and value as multipliers, organization c-suites, boards, and management teams will recognize – materialize as…
• expansions of operational prerogatives and boundaries that correlate with IA development, utilization, and
• decision – transaction outcomes becoming more predictable and lucrative whenever, however, and wherever,
IA’s are in play.
• the necessity for OR (organizational resilience) planning to facilitate quicker and more complete economic-
competitive advantage recovery following a significant business disruption or materialization of reputation
May 12th, 2015. Published under Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly May 12, 2015 ‘A blog where attention span really matters!’
In my corner of the business world where 80+% of most company’s value and sources of revenue lie in – evolve directly from IA’s (intangible assets), it’s routine for me to cross paths with very astute, experienced, and financially successful company management team members (c-suites). Somewhat ironically, at least through my lens, many quite cavalierly express the view that it’s impossible to eliminate all (business) risk. I have come to interpret, quite correctly I believe, that mantra is symbolic of the subjective manner in which many c-suites treat risk.
My response to such views is usually to politely hedge a little by suggesting it is possible to mitigate a large percentage of most business’ risk! However, and here comes the hedging part, the resources a company may have to dedicate – reallocate to a (risk) mitigation initiative, and the resulting restrictions, subjective as they may be, would likely be embedded with some untenable impracticalities.
Regardless of how subjective risk mitigation may be, at least how I see it being practiced. Few organization decision makers would knowingly assume risk mitigation practices that would…
- impede operation effectiveness and efficiency or disturb the flow and integration of IA’s,
- particularly intellectual, structural, relationship, and competitivity capital.
Any company doing so would rapidly find its viability, profitability, and sustainability substantially undermined, if not ‘go to zero’, unless of course, those assets were transferrable.
Through my lens, there are a significant, but actually unknown percentage of companies in which their tolerance – appetite for risk…
- varies over time and is often circumstance – transaction specific, i.e., influenced by…
- the products – services a company produces, delivers, and its target customers.
- the perceptions – beliefs held by c-suites and boards regarding business risk climate.
- a prior adverse experience or shared anecdote from another company.
- the manner and locations in which a company interacts with – engages its primary markets, i.e., customers, supply chains, and myriad stakeholders.
According to Dr. Marc Siegel, a globally respected organizational resilience specialist, there are ways to measure and assess a company’s tolerance – appetite for risk. Most, Siegel says are dependent on their
1. Experience, e.g., the confidence level held by company management teams’ acquired largely through their familiarity with current and over-the-horizon risks, coupled with their (perceived) capabilities to effectively manage (prevent and/or sufficiently mitigate) such risks.
2. Resiliency – e.g., if or when a significant (business) risk materializes, are there policies and practices in place to (a.) mitigate – minimize the criticality produced by the risk, and (b.) rapidly return the company to a state of operational and financial – revenue normalcy in a reasonable time frame before risk resiliency is irreversible. Achieving such a desired level of risk resiliency includes minimizing the fragility and vulnerability of company’s – business unit’s intangible assets, particularly intellectual, structural, relationship, and competitive capital for the duration of the risk event.
A related question I routinely pose to management teams, focuses on how they (presumably) achieved consensus to accept or tolerate particular levels of risk relative to a specific transaction, new venture, strategic alliance, etc.? The answer is frequently some variation to the proverbial…
‘risk is an inherent feature of doing business and all successful business persons are inherently risk takers’.
I approach business risk a little differently in terms of understanding why and how I may respectfully influence management teams, boards, and c-suites, already inclined to have a greater appetite for – tolerance of certain (business) risks and not others. I find it’s frequently due to…
- types and levels of risk are subjectively measured – assessed to be low, in terms of vulnerability and probability, but extraordinarily high in criticality,
- making the cost of mitigation, i.e., risk transfer, etc., exceed potential (prospective) benefits, thus self-insurance or elevated tolerance for risk appear to be the prudent, near term option.
- the asymmetric nature of business risks, i.e., their magnitude, frequency, criticality, and cascading potential, while factoring the type of product or service a company produces, is beyond the capabilities of most to consistently prevent or mitigate.
- companies’ anticipated – projected business opportunities associated with assuming a certain level of risk, outweigh risk exposures to the point that a management team can justify – rationalize executing a particular transaction or new initiative and therefore assume a substantial portion of the risk.
(This post was inspired by the work of Dr. Marc Siegel and his work related to organizational resilience on behalf of ASIS International.)
June 2nd, 2014. Published under Fiduciary Responsibility, Intangible asset protection, Intellectual Property Rights, Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly June 2, 2014 ‘A long form blog where attention span really matters’.
Pat Choate, in his 2005 book titled ‘Hot Property: The Stealing of Ideas in an Age of Globalization’ (p. 218)points out that an ‘idea, by definition, exists solely in one’s mind, where it remains happily and comfortably secure, but not terribly useful’. So, in order for an idea to potentially produce commercial and/or contributory value to its holder at some point, it must be expressed. Even though Choate (2005) says ‘protecting one’s ideas represents a basic social contract between society, its government, and the individual(s) who created the idea’, the act of openly expressing ideas, with increasing frequency, serves as a starting point for asset vulnerabilities and potential challenges and disputes to emerge for the originators (holders – owners) of the ideas.
Fundamentally, products of the mind are a type of intangible asset and manifest as intellectual, structural, and relationship capital including intellectual property (IP) and some other forms of proprietary information. Risks, to these intangibles materialize with some regularity and certainty, often in the form of purposeful or inadvertent events, acts, or behaviors that can adversely affect or jeopardize (asset) ownership, control, use, and value. A significant percentage of materialized intangible asset risks are of a nature to adversely affect a company’s reputation and its competitive advantages with equal rapidity, for example…
- stifle competitive – economic momentum of a company project, new venture, or product launch.
- undermine a business transaction or strategic business plan.
- erode an assets’ value as a source of potential value and projected profitability.
Business continuity – contingency planning pre-Internet era…
In the pre-Internet era, when intangible asset were barely a twinkle in economists’ eyes, misappropriation, infringement, and/or counterfeiting was characterized as being relevant almost exclusively to IP, i.e., patents, trademarks, copyrights, and trade secrets. Too, at the time, a relatively common risk mitigation strategy (to a company’s assets) was business continuity – contingency planning, not organizational resilience, and was generally designed – intended to be a mechanism to contain the risk(s) and mitigate their impact, i.e., the damages or extent of the losses as well as additional adverse impacts to company reputation, image, and goodwill, etc.
Today however, in the current knowledge based (intangible asset) era of going fast, going hard, and going global, even the most well-intentioned and wishful thinking efforts to contain the multitude of risks that can materialize is more fitting, in my view, to tangible (physical) assets than intangible (non-physical) assets.
For example, in the world of physical (tangible) assets, so-called firewalls erected between apartment buildings are designed – intended to contain or reduce, for a certain period of time, the probability that a fire in one building will spread to adjacent buildings and/or structures.
Such conventional firewalls however are less relevant or practical insofar as safeguarding or mitigating risks to knowledge-based intangible (non-physical) assets which again include intellectual, structural, and relationship capital, IP and proprietary information. In most instances, in today’s increasingly sophisticated risk laden R&D and business transaction environments, anyone of these types of intangible assets, absent effective asset monitoring and safeguards, will be at risk. Unfortunately, the sophisticated methodologies applied by the expanding number of global economic and/or competitive advantage adversaries, allow value laden intangible assets to be quickly discerned and instantaneously disseminated to a growing and often organized and sophisticated labyrinth of information brokers, business intelligence operations.
Don’t Overlook Intangible Asset Safeguards
Significantly, once an intangible asset has been compromised or succumbed to the growing array of sophisticated and asymmetric risks and threats, a company mitigation practice based primarily on the principles of containment, in my view, is neither a realistic or viable (standalone) strategy, certainly not something which a company’s management team, c-suite, board should feel comfortable insofar as their fiduciary responsibilities are concerned, i.e., see Stone v. Ritter.
Thus, while conventional intellectual property enforcement mechanisms (i.e., patents, trademarks, copyrights, trade secrets) remain a global (WTO) requisites for conveying ownership and standing to address the inevitable disputes, challenges, risks, and threats, the deterrence features associated with each have been minimized and are routinely disregarded and circumvented by adversaries. Thus conventional IP enforcements assume a more reactive vs. proactive posture, one that requires formidable and consistent self-policing and monitoring
In today’s increasingly aggressive, predatorial, and ‘winner take all’ global R&D and business transaction environment, this leaves, in my view, conventional forms of intellectual property (enforcement) certainly less relevant, perhaps even approaching some manner of obsolescence insofar as effectively combating the ultra-sophisticated risks and threats which are now routine.
Conventional IP enforcements carry little, if any, deterrent features today…
While I am not suggesting conventional IP enforcements should not be used, the harsh reality is, the once respected rights and protections afforded to innovators and entrepreneurs for their products on the mind, through patents, trademarks, and copyrights, etc., are now being routinely outpaced, circumvented, and utterly disregarded by adversaries globally. Any entrepreneur or company who assumes the mere issuance of a patent, standing alone, will be sufficient to sustain full control, use, and ownership rights for the duration of their patent, for example, is simply no longer credible.
The notion that conventional IP enforcements will ensure indeterminate control, use, and receipt of economic/competitive advantage benefits from an individual’s or company’s hard earned and often very expensive know how, i.e., the intellectual, structural, and relationship capital is unfortunately a business risk that should not be assumed is the exclusive bastion of legal (IP) counsel.
It would not be too challenging to argue conventional intellectual property enforcements carry less benefit to a single holder or a company, aside from providing legal standing in the increasing likelihood of having to engage in litigation over disputes and challenges. It’s most prudent then for business decision makers to ensure best practice intangible asset safeguards are in place from the outset of idea materialization. This includes consistent asset monitoring and defense, not merely directed to the conventional intellectual property rights, but also to sustaining control, use, ownership, and monitoring value and risks to those assets!
Sustaining a successful launch – commercialization of a new idea…
There are many different views about what is actually required to sustain a successful launch – commercialization of a new idea or project.
Obviously, having a very commercializable product and a sufficiently capitalized business plan and marketing strategy represent three time honored ingredients necessary for most successful launches. But, an often overlooked, underestimated, and misunderstood ingredient to a successful business – idea launch is recognizing that…
80+% of the value, sources of revenue, and future wealth creation of the launch will likely evolve from intertwined combinations of (a.) intangible assets and IP,i.e., intellectual capital, and (b.) specialized proprietary know how, i.e., structural capital, and (c.) attractive and distinctive competitive advantages, and brand integrity, i.e., relationship capital. (Moberly, 2011)
So, unlike conventional forms of IP enforcements, i.e., patents, trademarks, and copyrights, no government will issue a comparable certificate that says, these are your contributory value intangible assets, proprietary know how, trade secrets, competitive advantages, and brand integrity which an individual or company should safeguard and monitor their value and risk for the duration of their respective value and functionality cycle.
The responsibility for (a.) recognizing how the intangible assets evolved, (b.) the context which they now exist and are being applied, and (c.) unraveling them (individually – collectively) to assess their contributory value and potential conversion to sources of revenue and competitive advantage lie solely with the launching companies’ decision makers, i.e., originators, holders, and/or owners of those assets.
Admittedly, today’s hyper-competitive global business (transaction) environment, is influencing more companies to recognize the necessity for more than cursory intangible asset identification, assessment, safeguards, and monitoring of value and risk is much more than a time or resource permitting responsibility. These responsibilities are now instrumental in the initial success of product launches. Business decision makers who carelessly or unwittingly hedge their intangible assets’ essential maintenance, e.g., protection and preservation, will with greater frequency, if not certainty, cause risk-threat probabilities to become inevitabilities in which complete or partial (asset) value erosion and/or dilution are likely to occur which can also inadvertently create parameters and/or boundaries to a company’s economic – competitive position capabilities and potential.
What can companies do if – when their intangible asset ‘genies get out of their bottle prematurely…
The genie for profitable and sustainable launches of a new company, product, or idea is embedded in the business decision makers’ recognition that…
Getting out of the bottle is a metaphor of course, for situations in which business decision makers overlook or underestimate the role, contribution, and/or value intangible assets make to the overall sustainability of successful business launches and equally important, the risks-threats to those assets.
The initial requisite to commencing asset recovery action is recognizing delays in (a.) discovering the materialization of asset risk, and (b.) securing experienced guidance about what action to take and when, will most certainly complicate and weaken a company’s (legal) position insofar as the possibility of achieving a favorable (possibly full) economic – competitive advantage outcome.
A responsive and thorough ‘intangible asset – competitive advantage assessment’ is a prudent first step. A specialized (asset) assessment of this nature will aid a company and its decision makers to be better positioned to deliberate on two important points:
- prioritize options relative to trying to (re-) establish ownership control and use of the no doubt already hemorrhaging intangibles.
- strategies to try to stop and/or mitigate additional economic – competitive advantage hemorrhaging (of the assets), i.e., devaluation, undermining, infringement, misappropriation, reputation risk, etc.
Bottom line; risks-threats to a company’s intangible assets, intellectual property, proprietary know how and competitive advantages and brand integrity should not be dismissed and/or characterized as merely just another risk of doing business!
Unfortunately, far too many companies lose, inadvertently relinquish, and/or become entangled in extraordinarily costly and time consuming legal disputes and challenges over the ownership, control, use, and value of their intangible assets, competitive advantages, proprietary know how, reputation, and brand integrity. One of the most frequent reasons is dismissing the real, persistent and stealthy risks-threats to those assets and their contributory value to strategic sustainability.
November 12th, 2012. Published under Enterprise risk management., Organizational resilience and business continuity/conti, Uncategorized. 4 Comments.
Michael D. Moberly November 12, 2012
In my corner of the intangible asset business world, it’s quite routine to engage highly experienced, intelligent, and successful business owners and management teams who cavalierly and somewhat patronizingly, express the view that it’s impossible and far too costly to eliminate (prevent) all business risk, that is if of one wants to remain in business.
Often embedded in this perspective, is the misperception that preventing business risks equates with being overly cautious and risk averse, which some argue is tantamount to a ‘fortress mentality’ which substantially dampens any sense of receptivity to new or ‘edgy’ business endeavors. Too, a frequent refrain is that business risks are simply too prevalent, inescapable, and asymmetric to avoid in every business dealing, absent literally building a risk prevention – adverse ‘moat’ around one’s business.
My response to such consistent expressions from management teams, c-suites, and boards is to respectfully, but objectively, introduce the notion that a business, with a substantive risk prevention-mitigation pillar is not wholly impossible, nor will it be perceived as antagonistic or incompatible to competitive and welcoming business transactions and configurations.
Some management teams, et al, quite incorrectly interpret, in my view, that the resources necessary for creating a ‘risk moderated’ business (transaction) environment are neither practical nor feasible and, if done, would inevitably expedite business failure because it would hamper and impede business’s engaging their strongest, most valuable, and charismatic assets, i.e., intangible assets such as intellectual, relationship, and structural capital.
I’m confident few, if any readers of this blog would agree to such a restrictive business environment.
My experience and I suspect that of many readers of this blog as well, recognize that many management team’s ‘tolerance for risk’…
- varies considerably, even within the same sector…
- is generally subjective, often influenced by anecdotal evidence, the products and/or services a company produces, and/or evolve from management team, c-suite, and board perceptions – assumptions about (certain) business risks fro, prior experiences, and…
- locations of, and interactions with a company’s primary markets, i.e., countries, customers/clients, supply chains, and a host of other relevant stakeholders.
Let’s not overlook or forget the economic fact that 65+% of most company’s value, sources of revenue, and ‘building blocks’ for growth, profitability, and sustainability lie in – evolve directly from intangible assets today, which in most instances, a business/company has developed internally (i.e., through prudent use of its intellectual, structural, and relationship capital) or acquired and integrated externally. So, in essence, when we address the subject of a business’ tolerance for risk, in my view, we’re really talking about how tolerant a company is relative to risks to its intangible assets!
According to Dr. Marc Siegel, a globally respected specialist in organizational resilience, there are ways to measure and assess a company’s tolerance for risk which I have added to throughout this post. But, as readers know, sometimes all too well, measuring and assessing a company’s tolerance for risk is frequently dependent on the experiences, anecdotes, and largely subjective assessments emanating through the lens of management teams, c-suites and boards, i.e., their…
- experience and confidence level acquired through their familiarity with and the significance they attach to known, current, and over-the-horizon risks…
- ability to following a risk event through effective risk management, prevention, and/or mitigation initiatives…
- organizational resilienceto sustain a robust business (transaction) environment following a significant (business) risk or disruption and consistently utilize-leverage intangible assets to achieve strong growth, profitability, and sustainability trends, i.e., policies, procedures, and practices in place…
a. to mitigate-minimize the criticality posed by certain risks (reputation or otherwise) and,
b. that would allow a business to return to a state of operational and financial and revenue normalcy in a reasonable time frame because it could maneuver and apply mitigation measures to an array of risks to elevate the probability that a previously agreed upon (accepted) level of business operational continuity is sustainable should a particular risk actually materialize.
4. recognition of core/key intangible assets, e.g., minimizing intangibles’ fragility, and vulnerability to loss and/or compromise, while stabilizing their value, competitive advantage-reputation delivery, revenue streams, and sustaining their control, use, and ownership throughout the risk event, particularly that which is embedded in intellectual, structural, and relationship capital.
Another important and relevant inquiry I routinely pose to management teams, is how they achieved consensus regarding the acceptance and/or toleration of a certain level of risk and/or operational continuity relative to specific transactions, new ventures, strategic alliances, or other business initiatives in which risks are present and/or occur? Interestingly, their frequent answer is again, (a.) certain levels and/or types of risk are inherent features of doing business, and/or (b.) all successful business persons are inherently risk takers.
I examine responses such as to why management teams, boards, and c-suites may be inclined to tolerate certain (business) risks and not others? I find it’s usually because the…
- risk is frequently subjectively assessed and/or measured to be relatively low in terms of vulnerability and probability, or the
- perceived cost of risk mitigation exceeds potential (projected) benefits, making elevated tolerance for risk appear to be the more prudent course of action…
However, experience suggests, absent experienced and expert assessments of risks/threats, management teams and c-suites will characterize certain types/categories of business risk…
- as being low in priority to receive prevention/mitigation resources in terms of probability
- as being low insofar as occurrence and asset vulnerability to loss, value reduction, and/or compromise, but
- high in criticality (adverse economic, competitive advantage effects to the company) should certain risks materialize.
But, the reality is today that, many types/categories of business risks are asymmetric, i.e., their magnitude, frequency, criticality, and speed of cascading throughout a business, should they materialize is substantial.
Therefore, for many, if not most companies, projected business opportunities come already affixed with certain levels of risk. The objective is to mitigate risk exposures to the key-core intangible assets in play to point that management teams can proceed confidently with a particular transaction or initiative while assuming a portion of the risk with confidence and objectivity it will not spillover, cascade, or adversely affect the projected economics or competitive advantages.
This post was inspired by the work of Dr. Marc Siegel and his strong expertise in the field of organizational resilience on behalf of ASIS International.
Comments regarding my blog posts are encouraged and respected. Should any reader elect to utilize all or a portion of this post, attribution is expected and always appreciated. While visiting my blog readers are encouraged to browse other topics (posts) which may be relevant to their circumstance. And, I always welcome your inquiry at 314-440-3593 or email@example.com
April 25th, 2012. Published under Enterprise risk management., Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly April 25, 2012
In my relatively small niche/corner of the intangible asset business world, it’s quite routine to engage experienced and seemingly successful management teams and risk managers who cavalierly express the view that it’s impossible to eliminate all (business) risk. My response to such perspectives is usually to politely hedge a little by suggesting it is possible! However, and here comes the hedging part, the resources a company would have to devote and the ultra-restrictive environment a ‘risk free’ business would necessitate, i.e., no external interactions or emanations are just two examples. I know of no company that would agree to such aggressive tactics because they could no longer be viable nor profitable and their intellectual, relationship, and structual capital (intangible assets) would be of little, or no value.
My experience also suggests most company’s ‘tolerance for risk’ (a.) varies, (b.) is largely subjective, (c.) is often influenced by industry sector and the products and/or services being produced, (d.) management team, c-suite, and board perceptions/beliefs about business risks (usually evolving from prior experiences and/or anecdotes), and (e.) locations of and interactions with a company’s primary markets, i.e., customers/clients, supply chains, and other stakeholders.
According to Dr. Marc Siegel, there are ways to measure and assess a company’s tolerance for risk which is dependent on their…
1. Experience, e.g., the confidence level held by a company’s management team achieved by their familiarity with current and over-the-horizon risks, coupled with their perceived ability to effectively manage (prevent and/or mitigate) such risks.
2. Resiliency – e.g., if or when a significant (business) risk or disruption occurs, are there policies and practices in place to (a.)mitigate/minimize the criticality posed by the risk, and (b.) rapidly return the company to a state of operational and financial/revenue normalcy in a reasonable time frame, in other words, its resiliency. Achieving company resiliency also includes minimizing the vulnerability, fragility and/or loss of intangible assets, particularly competitive advantages, for the duration of the risk event.
One question I often pose to management teams focuses on how they presumably achieved concensus to accept or tolerate a certain level of risk relative to a specific transaction, new venture, strategic alliance, etc.? The answer I tend to get when I pose such a question is the proverbial ‘risk is an inherent feature of doing business and all successful business persons are inherently risk takers’. I analyze risk a little differently in terms of why management teams, boards, and c-suites may be inclined to tolerate certain (business) risks and not others. It’s usually because the…
- level of risk is generally subjectively measured/assessed to be low in terms of vulnerability and probability, but the cost of mitigation through risk transfer, etc., may exceed potential (prospective) benefits, making self-insurance and elevated risk tolerance appear to be the prudent option. Such circumstances often arise with risks that are assessed as having a low priority in terms of probability and vulnerability, but extraordinarily high in criticality.
- asymmetric nature of business risks, i.e., their magnitude, frequency, criticality, and cascading potential, should they materialize, coupled with the type of products and services a company produces, is beyond the capabilities of most to consistently prevent or mitigate.
- company’s anticipated/projected business opportunities associated with assuming a certain level of risk, outweigh risk exposures to the point that a management team can justify/rationalize proceeding with a particular transaction or initiative and therefore assume a substantial portion of the risk..
(This post was inspired by the work of Dr. Marc Siegel and his work related to organizational resilience on behalf of ASIS International.)
March 30th, 2012. Published under Intangible asset protection, Intangible asset strategy, Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly March 30, 2012
Some management teams consider ’organizational resilience’ to merely be a tweaked version of conventional continuity and contingency planning. Be assured, it’s not!
If anything, organizational resilience (OR) is business continuity and contingency planning on steroids. That is, OR is more inclusive and evolves from a multifaceted ‘attitude’ of:
- continuity, and
- economic – competitive advantage recovery
From an operational standpoint, OR differs markedly from conventional security and/or risk management approaches because of its focus on:
- drawing a balance between asset vulnerability, risk probability, and criticality (consequences) of certain risks, and
- shifting away from managing risk reactively, to a highly proactive, adaptive and continually improving series of activities and responses.
Ultimately, a well-designed and executed OR plan can serve as a strategic path for moving a company from a conventional defensive and reactive posture to a proactive (forward looking, forward thinking) risk posture. By doing so, companies become more anticipatory and ultimately resilient to a broader range of risks and adverse events, should they materialize
In my view, OR is particularly well suited to the ‘systems approach’ which compels management teams to identify and examine risks in independent and dependent variable contexts relative to (a.) asset vulnerability, (b.) probability of occurrence, and (c,) criticality, i.e., potential for significant adverse cascading effects throughout a company and its stakeholders should they materialize.
An OR approach to risk would entail examining business risk(s) that may, for example, have a relatively low probability for occurrence, but carry inordinately high consequences (criticality) making it more challenging to return to a state of operational-financial normalcy.
Thus, OR is much more than mere defensive posturing. It involves proactive attitudes and practices that recognize 65+% of most company’s value, sources of revenue, and building blocks for growth and sustainability evolve directly from intangible assets. Ironically, this requires management teams, c-suites, and boards to recognize that materialized risks or adverse events may, for organizationally resilient firms, present opportunities to further exploit its intangible assets, presuming other industry sector companies and/or competitors are experiencing similar risk events simultaneously.
A firm’s ability to rapidly, efficiently, and effectively adapt to change and uncertainty (risk) are being ratcheted up on company agendas as action items requiring higher priorities. In OR parlance, the vulnerability, probability, and criticality associated with potential and/or materialized risks, be they natural, intentional, or unintentional, represent a strong rationale why companies need to achieve a level of resilience that fits their respective market, industry sector, and business (transaction) environment. More specifically, a recovery and adaptive oriented OR strategy can no longer be dismissed or relegated to merely being an ’after thought’.
An initial step toward achieving an organizationally resilient firm puts the onus on management teams and c-suites to recognize the unique elements and features (intangible assets) that are routinely embedded in company operations and functions. In other words, preserve (intangible) assets that underlie a company’s profitability, competitive advantages, and sustainability, i.e., reputation, brand, intellectual – relationship capital, goodwill, image, etc.
Intangibles though, often go un-noticed and un-protected in conventional risk management and business continuity-contingency planning. I say this in the context that I have yet to engage a management team or board member that does not hold the view that every business or company, particularly theirs, possesses nuanced and unique features that contribute to its success. Referring to such features as intangible assets though, seldom occurs.
Another step toward achieving an organizationally resilient company is to identify ways to measurably improve on its ability to adapt and rapidly recover from significant (business) disruptions, materialized risks, and/or significant changes in the business (value-supply chain) environment. In other words, remain financially and competitively viable for the duration of the adverse – disruptive event!
(This was inspired by the work of Gregg Goble, Howard Fields, and Richard Cocchiara of IBM’s Resilient Business and Infrastructures Solutions unit and the work of Dr. Marc Siegel, ASIS.)
January 12th, 2012. Published under Intangible asset strategy, Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly January 12, 2012
I suspect there are very few, if any, management teams today, including c-suites and boards that do not recognize the necessity for their company to have reasonable assurance of operational continuity should certain risks/threats materialize. Enterprise risk management is no longer solely about (risk) prevention or mitigation rather it’s about creating organizational resilience.
Today’s business transaction environment, for both large and small companies is truly global in which each of the following are the norm:
- business interdependencies and alliances
- supply chains that are multifaceted, lengthier, and ‘just in time’
- elevated vulnerability – probability of disruptions and materialization of risk that carry the capability of producing immediate, adverse, and cascading affects that ripple throughout an enterprise (internally and externally)
…too, each is prompting management teams, as fiduciary responsibilities, to reassess the conventional business continuity – contingency plan to determine if it reflects today’s necessary standard’s for organizational resilience?
Determining (assessing) with some degree of precision, just how resilient a company really is to the growing array of (asymmetric) business risks and threats is challenging, but absolutely necessary today. Many of those risks, should they materialize, their adverse (potential cascading) affects can be immediate, relentless, and devastating insofar as undermining and eroding a company’s value, standing, market share, and revenue streams, etc., regardless of a company’s size, industry sector, or whether it publicly or privately held.
The bottom line, in my view is, some materialized risks/threats cannot be fully or readily mitigated or reversed without recognizing the need to have a viable and comprehensive organizational resilience plan in place.
One business reality that makes organizational resilience all the more critical is that growing numbers of analysts as well as consumers, clients, and suppliers:
- possess a propensity to exhibit – express a sense of skepticism, cynicism , and are generally less-believing of company’s resiliency motivated (public) communications following the occurrence of a risk-threat event
- can readily find satisfactory alternatives to meet their needs either in the interim or permanently due to which certain risks materialize, i.e., product recalls, production – supply chain disruptions, etc.
…that render products temporarily unavailable or cause question about their quality.
I find the single greatest challenge to helping company’s design and execute an organizational resilience plan is achieving consensus about the criticality of certain processes, products, and assets (tangible and intangible) insofar as measurably elevating a company’s resilience, i.e., returning to a state of operational normalcy as quickly as possible, following an adverse event or act.
A word of caution though, management teams that inadvertently overlook or do not specifically include a company’s intangible assets in their organizational resilience plan are not merely being near-sighted or neglectful of their fiduciary responsibilities, they’re actually taking their company down a much more riskier path because:
- 65+% of most company’s value, sources of revenue, and building blocks for growth and sustainability today lie in – directly evolve from intangible assets, and
- intangible assets are frequently more fragile, transportable, and therefore vulnerable to adverse events or acts.
(This post was inspired by Michael D. Moberly’s interpretation of ASIS Internationals’ 2009 ’Organizational Resilience’ standard.)
December 30th, 2011. Published under Looking Forward, Organizational resilience and business continuity/conti, Reputation risk.. No Comments.
Michael D. Moberly December 30, 2011
Company reputation is an intangible asset of the first order and, when effectively used and safeguarded, can be a major source of competitive advantage and sustainability. This is probably what prompted The Economist’s Intelligence Unit to produce a ‘global risk briefing’ titled Reputation: Risk of Risks arising from interviews with 269 senior risk managers. Aside from the fact that the report was produced in December, 2005, its relevance remains very much intact today.
Company reputation is certainly a prized, yet increasingly vulnerable and fragile asset in my view which the reports’ respondents agreed by stating that reputation represented a main concern for the majority of risk managers, ahead of, for example:
- regulatory risk
- human capital risk
- IT network risk
- market risk, and
- credit risk.
Interestingly, the priorities of senior risk managers have changed little since publication of The Economist’s report. It’s certainly fair to say then that company reputational risk also has become a very significant (fiduciary) concern, not just for senior risk managers, but for company management teams, c-suites, and boards as well. They recognize the many ways it can adversely affect their company.
Company reputation is defined (in the Economists’ report) as ‘how a business is perceived by stakeholders, including customers, investors, regulators, the media, and the wider public’. Company reputation, the report goes on to state, ‘declines when experiences of an organization fall short of expectations’.
However, before this definition can be fully translated into effective (reputation risk) countermeasures, it’s important for a company to bring operational clarity to:
- whose experience
- what experience, and
- which expectations.
Safeguarding a company’s reputation is, with few exceptions, probably the most important, but also, in my view, one of the more challenging tasks and (fiduciary) responsibilities a company can and should undertake relative to its overall management, stewardship and oversight. In large part I find it challenging because of the asymmetric nature how (reputational) risks and threats can materialize and cascade throughout a company.
For example, The Economists’ study identified three significant phenomena that individually and/or collectively contribute to elevating reputation risk, each of which remains relevant today:
- development of 24/7 global media and communication channels
- increased scrutiny from regulators, and
- reduced customer loyalty
A relevant, but not easily answered question though, about damages a company can sustain as a result of a materialized reputational risk, in terms of prevention, mitigation, or management, is whether reputation risks – threats should be characterized and addressed as:
- standalones, or
- the consequence of other, perhaps simultaneously converging risks?
As already noted above, reputational risk is often (highly) asymmetric in my view. This belief inclines me to address it not solely as a standalone or separate risk, rather a consequence (by-product or multiplier) of risks that can materialize sequentially and adversely affect a company simultaneously on multiple levels.
Respondents to the Economist’ study identified the three biggest risks/threats to a company’s reputation as:
- failure to comply with regulatory or legal obligation
- failure to deliver minimum standards of service and product quality to customers
- exposure of unethical practices
This elevates the importance of how company management teams, boards, and risk managers perceive reputational risks to their company…relative to the processes, procedures, and/or programs they (may/may not) have in place as forward looking monitoring and assessments of internal and external factors/variables necessary to prevent, mitigate, and manage reputational risks if/when they begin to materialize.
For example, when conducting a comprehensive (intangible asset) assessment of a company (which includes reputational risks) and there’s evidence that a company’s plans and/or attitudes for responding to reputational risks appear more closely aligned with crisis management than contingency and organizational resilience planning, I would engage the senior risk manager for clarity. If its revealed that the company genuinely addresses reputational risks/threats solely through a conventional ‘crisis management’ lens, its often an indicator, that the company may not be adequately monitoring – scanning their horizon and stakeholders for risks/threats which is so essential today, and is, my judgment a key underlier to quality contingency – organization resilience planning, not crisis management!
While visiting my blog, you are respectfully encouraged to browse other topics/subjects (left column, below photograph) . Should you find particular topics of interest or relevant to your circumstance, I would welcome your inquiry at 314-440-3593 or firstname.lastname@example.org
December 8th, 2011. Published under Fiduciary Responsibility, Intangible asset strategy, Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly December 8, 2010
I start with the premise that management teams and boards have a fiduciary responsibility to routinely and objectively ask…
is our company properly positioned, insofar as possessing the expertise and skill sets, to identify, unravel, develop, bundle, utilize, and extract as much value as possible from its intangibles, while simultaneously protecting and monitoring risks to those assets’ value, sustainability, and materiality’?
As noted numerous times in this blog, the key requisite to managing and overseeing a company’s intangibles is the ability to sustain control, use, ownership, and monitor their value and materiality. If the former does not occur, or fails, little else matters, because asset value can quickly go to zero!
An intangible asset officer (specialist) can benefit a company by…
1. Providing on-going guidance to business units and management teams for managing intangibles, i.e., monitoring and extracting value, delivering competitive advantages, and developing strategic plans for measuring asset performance, monitoring risks and materiality.
2. Adding predictability to business transaction outcomes by assessing the stability, defensibility, value, and sustainability of the intangibles in play.
3. Conducting periodic intangible asset assessments to monitor competitive advantages and ensure asset synergies and efficiencies are being effectively utilized.
4. Reducing the probability that the momentum of a project or deal can be stifled or undermined by identifying and mitigating circumstances that can (a.) ensnare and/or entangle the assets in costly and time consuming legal challenges, (b.) erode asset performance and value.
5. Improving the valuing, reporting, and accounting of intangibles and integrating same in (a.) asset development, (b.) company governance processes, and (c.) specialized asset management initiatives, i.e., knowledge management and balanced scorecard.
6. Building an ‘intangible asset’ company culture that’s effectively aligned – converged with a company’s mission and business objectives.
7. Designing an organizational resilience (continuity, contingency) plan that encompasses mission essential intangible assets to provide quicker recovery following a significant business disruption or natural disaster.
8. Monitoring intangible asset value chains, i.e., the inter-connectedness between the production, acquisition, and utilization of intangibles relative to their contributions to company value, revenue, and creating and sustaining competitive advantages.
While visiting my blog, you are encouraged to browse other topics/subjects (left column, below photograph) . Should you find particular topics of interest or relevant to your circumstance, I would welcome your inquiry at 314-440-3593 or email@example.com
August 10th, 2010. Published under Organizational resilience and business continuity/conti. No Comments.
Michael D. Moberly August 10, 2010
Broadly speaking, organizational resilience encompasses a management systems approach that simultaneously focuses on prevention, protection, preparedness, response, mitigation, continuity, and recovery from disruptive incidents. And, for the skeptics, organizational resilience is not merely a warmed over version of (conventional-traditional) business continuity and contingency planning.
An organizations’ ability to quickly, efficiently, and effectively adapt to change and uncertainty (risk) that are so pervasive in today’s globally competitive business (transaction) environment, is certainly being ratcheted up on management team and board agendas as a necessary and priority action item. In organizational resilience parlance, changes in policy, market forces, environmental factors, and the vulnerability, probability, and criticality associated with materialized risks, i.e., natural, intentional, or unintentional, etc., all fall under the (business case) rationale why today’s companies require a level of resilience that fits their respective market, industry sector, and business transaction environment. Recovery oriented (adaptive, proactive) company resilience strategies can no longer be dismissed or relegated to merely being ‘after thoughts’.
The first step toward achieving organizational resilience puts the onus on management teams and boards to literally identify (recognize) the unique elements and features that are embedded and sometimes very much under their company’s radar. In other words, what makes their company successful. I offer this in the context that I have yet to engage a management team or board that does not hold the view that every business/company, including theirs, possesses nuanced and otherwise unique features that contribute to its success and sustainability.
Why is this necessary?, it’s because the components (elements, features, processes, practices, etc.) that define a company’s uniqueness are essentially the foundation for identifying a ‘resiliency strategy’. A resilience strategy commences with identifying/determining ways which a management team and board can measurably improve the degree to which a company, in the context of its respective business environment, is adaptive and able to quickly recover from significant disruptions, materialized risks, and/or significant changes in the business (value-supply chain) environment.
Executable strategies that improve a company’s level of adaptability and timely recovery from disruptive events include ensuring certain (executable) processes are in place that impose (carry) specific demands and functions, as a well informed management team and board dictate so the company can remain viable for the duration of the adverse – disruptive event.
(This post was inspired by the work of Gregg Goble, Howard Fields, and Richard Cocchiara of IBM’s Resilient Business and Infrastructures Solutions unit and the work of Dr. Marc Siegel, ASIS.)
The ‘Business IP and Intangible Asset Blog’ is researched and written by Mr. Moberly to provide insights and additional views for company management teams, boards, and employees to aid in identifying, assessing, valuing, protecting, and profiting from their intangible assets. I welcome and respect your comments and perspectives at firstname.lastname@example.org.