eBook - ePub
Corporate Defense and the Value Preservation Imperative
Bulletproof Your Corporate Defense Program
This is a test
- 316 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Corporate Defense and the Value Preservation Imperative
Bulletproof Your Corporate Defense Program
Book details
Book preview
Table of contents
Citations
About This Book
This is the first book to finally address the umbrella term corporate defense, and to explain how an integrated corporate defense program can help an organization address both value creation and preservation. The book explores the value preservation imperative, which represents an organization's obligation to implement a comprehensive corporate defense program in order to deliver long-term sustainable value to its stakeholders. For the first time the reader is provided with a complete picture of how corporate defense operates all the way from the boardroom to the front-lines, and vice versa. It provides comprehensive guidance on how to implement a robust corporate defense program by addressing this challenge from strategic, tactical, and operational perspectives. This arrangement provides readers with a holistic view of corporate defense and incorporates the management of the eight critical corporate defense components. It includes how an organization needs to integrate its governance, risk, compliance, intelligence, security, resilience, controls and assurance activities within its corporate defense program.
The book addresses the corporate defense requirement from various perspectives and helps readers to understand the critical interconnections and inter-dependencies which exist at strategic, tactical, and operational levels. It facilitates the reader in comprehending the importance of appropriately prioritizing corporate defense at a strategic level, while also educating the reader in the importance of managing corporate defense at a tactical level, and executing corporate defense activities at an operational level. Finally the book looks at the business case for implementing a robust corporate defense program and the value proposition of introducing a truly world class approach to addressing the value preservation imperative.
Cut and paste this link (https://m.youtube.com/watch?v=u5R_eOPNHbI) to learn more about a corporate defense program and how the book will help you implement one in your organization.
Frequently asked questions
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Both plans give you full access to the library and all of Perlegoās features. The only differences are the price and subscription period: With the annual plan youāll save around 30% compared to 12 months on the monthly plan.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weāve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes, you can access Corporate Defense and the Value Preservation Imperative by Sean Lyons in PDF and/or ePUB format, as well as other popular books in Business & Auditing. We have over one million books available in our catalogue for you to explore.
Section II
A Tactical Perspective
5 | Laying the Foundation and Setting the Ground Rules |
Shallow men believe in luck. Strong men believe in cause and effect.*
R.W. Emerson
5.1 FUNDAMENTALS OF CORPORATE DEFENSE
How does an organization go about addressing its corporate defense obligations? All organizations are faced with the possibility of potential hazards, and these can arise for numerous reasons. Examples of potential hazards include litigation, fraud, regulatory breaches, crime, espionage, and natural disasters, to name but a few. These hazards represent not only short-term financial risk to the organization, but also a potential knock-on reputational impact, not to mention the human implications and costs. Ultimately, all hazards can have a financial implication, be it in the form of additional costs, reduced profits, or impact on share prices, and so on. These hazards can typically be the result of deficiencies in an organizationās corporate defense program, whereby these deficiencies were either intentionally or unintentionally exploited.
5.1.1 CORPORATE DEFENSE MEASURES
Every organization is faced with its own unique set of risks, threats, and vulnerabilities, and these will vary depending on the organizationās philosophy and culture, the business sector it operates in, its geographic location, and so on. As a result, each organization in turn will need to take its own unique steps to defend against the occurrence of potential hazards in order to help preserve stakeholder value.
5.1.1.1 Corporate Defense Disciplines
There are a number of corporate defense components that are generally acknowledged to be required in order to help preserve value and safeguard stakeholder interests (i.e., governance, risk, compliance, intelligence, security, resilience, controls, and assurance). All organizations typically implement a diverse mix of these components to varying degrees in the operation of their business. Each of the critical corporate defense components will have certain specialist disciplines associated with its area of expertise that in themselves require specific technical skills and relevant qualifications. An organizationās existing corporate defense measures are a reflection of the extent to which each of these critical components is currently being addressed, and hopefully this mirrors the organizationās corporate defense requirements given its own unique circumstances.
5.1.1.2 Current Corporate Defense Efforts
Generally speaking, an organizationās corporate defense measures evolve over time as a reaction to its prevailing circumstances. In some organizations, it is acknowledged in advance that certain defense disciplines are necessary and that these require a specific level of experience and expertise. This can result in the setting up of specific departments or functions to act as competence centers for these disciplines (e.g., risk management or compliance functions). In other organizations, their level of experience and expertise in a particular discipline may simply develop organically over time based on the organizationās experiences in that particular area. Individual organizations need to be fully cognizant of the extent of its current corporate defense efforts in each of the critical corporate defense components and the level of experience and expertise available within the organization in relation to different corporate defense disciplines.
5.1.2 THE CORPORATE DEFENSE RATIONALE
Corporate defense is generally associated with taking appropriate measures to protect the organization and its stakeholders from the occurrence of hazard events. This can include measures to help ensure that its stakeholders are safeguarded from danger, attack, or harm. It can also include taking actions to help shield the organization from experiencing the impact of loss or damage, be it of a financial, physical, or reputational nature. The requirement to defend can be associated with an individual stakeholder, a group of stakeholders, or their associated tangible and intangible assets. Defending against the occurrence of loss or damage is no easy task as it represents an asymmetric challenge in so far as loss or damage can arise as a result of so many different events all of which need to be defended against, and yet only one needs to occur in order to incur a loss or damage. Corporate defense therefore requires constant alertness and continuous vigilance. From a stakeholder perspective, corporate defense represents a fundamental responsibility that is entrusted on their organization and its guardians.
If addressed in an appropriate manner, corporate defense measures can be effective in protecting the organization and its stakeholders from hazard events. These measures can also help support growth, sustainability, and profitability in the long term. If poorly or inadequately addressed however it can result in loss or damage, in poor performance, and lead to ongoing organizational decay in the long term. It can also result in the loss of stakeholder confidence and trust, which in itself can have either an immediate or a long-term catastrophic impact on the organizationās achievement of its objectives. The importance of an adequate corporate defense program should therefore never be underestimated.
5.1.2.1 Lessons Learned
Organizations can improve their existing corporate defense efforts by learning lessons from the past. Valuable lessons need to be learned from the organizationās own previous hazard experiences, and by ensuring that appropriate remedial action is taken to rectify issues that have been identified as contributing to the occurrence of previous hazard events. Equally valuable and less costly lessons can also be learned by the previous hazard experiences of other organizations. The identified failings of competitors or other similar organizations provide an opportunity to ensure that the organization addresses known vulnerabilities, weaknesses, and deficiencies. In doing so, it can ensure that it is adequately insulated against the occurrence of similar hazard events and help avoid the associated financial, physical, and reputational impact that can result. Learning lessons from past experiences however requires an inquisitive mind-set and a clear appreciation and understanding of the purpose of different corporate defense measures, and the capabilities of their associated specialist corporate defense disciplines.
5.1.2.2 Bullet-Proofing and Future-Proofing the Organization
Organizations are faced with a multitude of hazards that can be detrimental to the achievement of its objectives. In such circumstances, the corporate defense program can act as a buffer between the occurrence of hazard events and the potential impact that these events can have on your organization. An effective corporate defense program can in effect help bullet-proof the organization against the occurrence of hazard events so that your organization can not only survive but also thrive during periods of turbulence and chaos when other organizations are struggling or devastated. Bullet-proofing involves providing protection to the organization against the impact of a hazard event, and an effective corporate defense program can in effect act as the organizationās bullet-proof vest. The bullet-proof vest provides the organization with an extra level of protection that can actually allow the organization to take risks and reap rewards that other organizations are simply not in a position to do.
An effective corporate defense program can help future-proof the organization to ensure that it has developed measures to anticipate the occurrence of and safeguard against future hazards. Such measures can help minimize the impact of hazards. Future-proofing is concerned with delivering long-term sustainable value and developing the ability to accurately predict and prepare in advance for potential hazard events. It involves building durability, redundancy, flexibility, and adaptability into the organizationās structures, so that it is adequately prepared to address the challenges of the future rather than simply addressing the challenges of yesterday and today.
5.2 CORPORATE DEFENSE DOMAIN
The corporate defense domain refers to the entire field of expertise that can contribute to an organizationās corporate defense program. It relates to the critical corporate defense components and the related specialist disciplines associated with each of these components. It is concerned with the range of corporate defense-related activities, all of which contribute to the defense of the organization and its stakeholder interests. In effect it relates to the extent of the corporate defense jurisdiction and the areas that potentially need to be covered by a corporate defense program. The corporate defense domain can help an organization identify the different aspects of corporate defense that need to be considered when deciding on the corporate defense measures to be put in place.
5.2.1 CORPORATE DEFENSE-RELATED ACTIVITIES
Each of the critical corporate defense components has subcategories of defense-related activities that are associated with each component. It must be appreciated that in the modern era each of these components requires specialist skills and expertise that are essential to their effectiveness. Table 5.1 outlines the critical components and provides examples of the associated defense-related activities (Lyons 2009b). As can be seen, the corporate defense domain can encompass a broad range of areas, and as a result the corporate defense program can have a very wide scope. It is unreasonable to expect any one person to be an expert in all of these activities or to possess the deep level of technical knowledge required to be proficient in each of these areas.
TABLE 5.1
Corporate Defense-Related Activities
Corporate Defense-Related Activities
Governance | Security |
| ā¢ Environment/culture/philosophy ā¢ Organization/design/structure ā¢ Ethics and integrity ā¢ Stakeholder relations ā¢ Strategy and planning ā¢ Frameworks and methodologies ā¢ Policies and procedures ā¢ Processes and practices ā¢ Responsibility and accountability ā¢ Oversight and supervision | ā¢ Physical security ā¢ Premises security ā¢ People security ā¢ Materials security ā¢ Facility security ā¢ Operations security ā¢ Information security ā¢ Endpoint security ā¢ Application security ā¢ Operating system security ā¢ Database security ā¢ Network security ā¢ Gateway security |
Risk | Resilience |
| ā¢ Enterprise risk ā¢ Operational risk ā¢ Credit risk ā¢ Market risk ā¢ Strategic risk ā¢ Reputation risk ā¢ Financial risk ā¢ Project risk ā¢ Environmental risk | ā¢ Incident response ā¢ Emergency operations ā¢ Crisis management ā¢ Disaster recovery ā¢ Contingency planning ā¢ Continuity management ā¢ Interruption protection ā¢ Health and safety ā¢ Insurance |
Compliance | Controls |
| ā¢ Regulatory compliance ā¢ Legal compliance ā¢ Workplace compliance ā¢ Industry codes ā¢ Best practice guidelines ā¢ Internal standards | ā¢ Internal controls ā¢ Monitoring controls ā¢ Operational/processing controls ā¢ Financial/compliance/security controls ā¢ Preventative/detective controls ā¢ Primary/compensating controls |
Intelligence | Assurance |
| ā¢ Business intelligence (B.I.) ā¢ Operational intelligence ā¢ Market intelligence ā¢ Competitive intelligence ā¢ Knowledge management ā¢ Data/content management ā¢ Record management ā¢ Document management ā¢ Filing/storage/archive management ā¢ Communication ā¢ Monitoring and reporting ā¢ Telecommunications | ā¢ Inspection review ā¢ Internal/external audit ā¢ Regulator review ā¢ Rating agency review ā¢ Standards certification ā¢ Self-assessment review ā¢ Due diligence review ā¢ Fraud examination ā¢ Forensic investigation ā¢ Litigation support |
Each of these activities represents an important aspect of corporate defense in order to help the organization to address potential risks, threats, and vulnerabilities, which can arise both internally and externally to the organization. In fact, each of these activities should be considered to be an essential link in the chain, and effective corporate defense must be all inclusive as the chain is only as strong as its weakest link. To be most effective, all corporate defense-related activities need to be functioning in unison.
5.2.1.1 An I...
Table of contents
- Cover
- Half Title
- Title Page
- Copyright Page
- Table of Contents
- Preface
- Author
- SECTION I A Strategic Perspective
- SECTION II A Tactical Perspective
- SECTION III An Operational Perspective
- SECTION IV An Integrated Perspective
- References
- Index