BreachExchange mailing list archives
Why Your Company Must Have Firm Operational Boundaries
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 30 Dec 2015 19:21:18 -0700
http://www.inc.com/ric-edelman/why-your-company-must-have-firm-operational-boundaries.html What happens in your company when issues such as the following arise? One of your products loses a significant percentage of market share. The company fails to respond to a customer's complaint or rectify a privacy breach within a designated period. You lose a sale or customer to a competitor. Well-run companies don't let issues like these occur without a response. Leadership steps in immediately to find out what caused the problem and make whatever adjustments are needed to prevent a recurrence. Have you established boundaries within your company that automatically trigger attention when those boundaries are crossed? Doing so is an effective way to keep staff members focused on their objectives and the business operating harmoniously. Failure to set boundaries can allow small issues to fester and morph into larger ones--ultimately costing your company huge losses, both financial and reputational. When you set boundaries, make sure everyone knows what's expected and how the process works--how protocol breaches are to be reported, who will respond, when and in what way, how progress will be measured and what everyone can learn from the experience. At my firm, for example, we track the number of days we go without anything occurring outside our established norms. Everyone knows how long it's been since the last incident--because we post it on our intranet--and they know when an incident occurs because we reset the clock. That puts everyone on notice that they'll soon learn what happened (without naming names) and how we can all prevent it from happening again. Thankfully, we don't have to reset the clock often--and I'm convinced that our approach helps make that happen. Telling everyone the boundaries helps motivate them to stay within those limits. It also becomes more likely that you and your leadership team will learn of problems--giving you greater opportunity to resolve them. This can help improve your company's handling of operations; eventually, everything will be running better with little or no interruption in your schedule. It's almost like reorganizing the company in small steps, as you go, instead of having to formally engage in a massive, disruptive overhaul that's jolting to everyone, usually expensive, and which often fails to produce lasting value. If you haven't set boundaries within your company, consider doing so.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Why Your Company Must Have Firm Operational Boundaries Audrey McNeil (Dec 31)