Crises don’t discriminate. Whether they are economic, geopolitical, technological or environmental, you can expect to have to deal with a major one soon. And how well you minimize the impact of that crisis is the difference between achieving your business objectives, and completely missing them, disappointing your customers, employees, partners, and shareholders in the process. Lucky for you (if you believe in luck and not the probability of chance events), Forrester’s risk experts have updated The Governance, Risk, And Compliance Playbook For 2016. I also recently finished a series of reports on the state of business continuity (which I have creatively named part 1, part 2, and part 3) to give you a jump start on your GRC efforts. Below, I’ve highlighted some of our most recent and exciting GRC research:
Peter Cerrato is a principal consultant for Forrester's Business Technology consulting practice.
A very strange and sudden thing happened 66 million years ago. A comet crashing into the Mexican Yucatan peninsula near Chicxulub put an end to the long reign of the dinosaurs. But not so fast. We now know that some of those dinosaurs survived the massive Cretaceous-Tertiary extinction event: the smaller, faster, feathered and headed-toward-warm-blooded early ancestors of our eagles and hawks.
Risk professionals aren’t prepared for the age of the customer. Empowered consumers and changing market dynamics are upending longstanding business models and lines of operation, but risk professionals largely stand pat, and continue to neglect risks related to their organizations’ most critical asset – company reputation. Yesterday we published a report on "Brand Resilience" that will hopefully help you change that legacy risk mentality.
Corporate Reputation Is Increasingly Valuable…
Companies today rely on their reputation to generate greater portions of their revenue, attract new customers, and retain existing ones. This is why we see:
Earlier today, we published a report that dissects global risk perceptions of business and technology management leaders. One of the most eye-popping observations from our analysis is how customer obsession dramatically alters the risk mindset of business decision-makers.
Out of seven strategic initiatives -- including “grow revenues,” “reduce costs,” and “better comply with regulations,” -- “improve the experience of our customers” is the most frequently cited priority for business and IT decision-makers over the next 12 months. When you compare those “customer-obsessed” decision-makers (i.e. those who believe customer experience is a critical priority) versus others who view customer experience as a lower priority, drastic differences appear in how they view, prioritize, and manage risk.
Customer obsession has the following effects on business decision-makers’ risk perceptions:
Risk concerns heighten dramatically across several risk types – especially reputational risk. Reputational risk concern more than doubles for customer-obsessed decision-makers, and other risks also see significant increases, including corporate social responsibility (CSR) and sustainability risk, regulatory and compliance risk, and talent and human capital risk.
Everyone makes mistakes, but for social media teams, one wrong click can mean catastrophe. @USAirways experienced this yesterday when it responded to a customer complaint on Twitter with a pornographic image, quickly escalating into every social media manager’s worst nightmare.
Not only is this one of the most obscene social media #fails to date, but the marketers operating the airline’s Twitter handle left the post online for close to an hour. In the age of social media, it might as well have remained up there for a decade. Regardless of how or why this happened, this event immediately paints a picture of incompetence at US Airways, as well as the newly merged American Airlines brand.
It also indicates a lack of effective oversight and governance.
While details are still emerging, initial reports indicate that human error was the cause of the errant US Airways tweet, which likely means it was a copy and paste mistake or the image was saved incorrectly and selected from the wrong stream. In any case, basic controls could have prevented this brand disaster:
US Airways could have built a process where all outgoing posts that contain an image must be reviewed by a secondary reviewer or manager;
It could have segregated its social content library so that posts flagged for spam don’t appear for outgoing posts;
It could have leveraged technology that previews the full post and image before publishing.