13 August 2022

Mechanisms: For Continuous Risk Monitoring...

One of the systemic problems at large institutions, including organizations like your own Fortune 500 Global company, is keeping your finger on the pulse of "Risk Indicators".

Unfortunately for SVPs and other executives in the corporate hierarchy, your middle managers are creating the layer that impedes the best "Early Warning System" you may have at your disposal.

When problems surface on the front line or over in the "Cube City" in some Telephone Call or Information center on the other side of the globe, or across your new "Work-From-Home" (WFH) team, the normal agenda is for the employee to go to their direct supervisor to raise the "Red Flag" or disclose the incident. Perhaps the first behavioral response by the Middle Manager is to keep it quiet. Fix it before anyone else finds out. Keep it under wraps until damage control can be implemented.

When you are the Head of Enterprise Risk Management, you need mechanisms to bypass and eradicate the barrier holding your intelligence, incidents and overall hunches for ransom. There is no magic system or process that will solve it all. Yet the only way to attempt to break through this layer of social and organizational dysfunction is to circumvent it.

A continuous risk monitoring system has to be implemented and operating anonymously 24/7 in concert with the Security Operations Center (SOC) if the upper echelons of executive management are ever going to "Feel the Pulse" of risk hotspots in the company.

These hotspots translate into true "Risk Indicators" from the sources themselves, people who know what's going wrong and know the ground truth. An internal Continuous Risk Monitoring System (CRMS) is an automated human feedback and problem identification mechanism for detecting insider risks. It allows leaders of large organizations to quickly identify problems and incidents of all kinds in their company. Call it a sophisticated whistle-blower system or even a suggestion box, but that is exactly what it is, on steroids.

The ideal CRMS would emulate communication patterns in small groups, which are often a major ingredient in successful teams. It would also run on the existing computers and networks of the organization, or from home by logging in via an internal VPN. The soldiers on the front line know what is going on far sooner than the commanders in the Joint Operations Center, just as the employee or supplier does, and they need a way to communicate the issue, concern or threat in a rapid and efficient manner.

"The system provides the executives with instant or trend based intel that is actionable. It provides the "Insight" as well as the pertinent facts that you need to make more quick effective decisions."

Think about how long it takes for data and information to percolate and bubble up from the places in your organization that are considered "Current Risk Hot Spots". The point is that for far too long we have been playing the old telephone game.

You know, the one that you played as a kid sitting around the kitchen table or on the floor in a circle. One person starts and whispers into the ear of the person to their right. Just a sentence or two. By the time the message gets around to the 3rd or 4th person, the data is dramatically different from the original. It's been interpreted, edited and sanitized.

Walk down and visit the person who is in charge of the anonymous 800# or “electronic suggestion box” or perhaps the official whistle-blower program at your organization.

Ask them for an activity log. Ask yourself how you could get this mechanism to perform better and then work with your front line to develop something that middle management can't filter, change or delete. That is when you will be well on your way to getting TrustDecisions in real time…