Plan for the Worst, a Breach Could Be Happening Now
08/12/2010

ZeroPoint Risk Research Reports on Information Integrity Management as a Vital Component of Enterprise Risk

Online PR News – 12-August-2010 – – Boston, MA, August 12, 2010 -- ZeroPoint Risk Research LLC, the Boston-based risk management research and consulting firm, takes an in-depth look at today’s diverse threat range that too frequently strikes an enterprise. The management of risk increasingly requires thinking from a post-breach mindset. Creating a response after an information integrity compromise is not the ideal time. Plan for the worst by thinking it’s already happened.

“These cases are often multifaceted, complex, and complicated to manage,” said MacDonnell Ulsch, CEO of ZeroPoint Risk Research LLC. “Too many companies calculate the potential impact of risk after the fact.”

Too many companies calculate the potential impact of risk after the fact.

##--1--## may highlight the public disclosure of company impairments and fines levied by the regulator. As well, it can expand scrutiny in the form of a Consent Agreement imposed by regulators, which require periodic reviews by the government and compliance with specified actions that must be undertaken by the breached company. The specified actions include remediation of controls that failed to prevent a breach. Regulatory risk is on the rise because of the increase in the number and diversity of regulatory requirements. The lack of clarity around many such regulations can cause the result of interpretations that may fail to meet regulatory intent. Regulations are often written to apply to the broadest range of conditions, which affect a wide latitude of interpretation and implementation. Remediation can be time consuming and expensive.

##--2--## may involve civil litigation and even criminal prosecution against individuals and/or corporations. Many cases never reach the public courtroom but, instead, climax in financial and other settlements. Some cases do make it to trial, and the consequence is most often determined by a jury. And while there are always losers, there are not always winners. Just being involved in the case may result in unwanted public disclosure. The case may also trigger additional regulatory scrutiny. Legal action is always expensive, often disruptive, and the outcome difficult to predict.

##--3--## may culminate in the financial impact of regulatory and legal actions. Consider the potential for loss of valuation of the company. This is critical to a broad range of stakeholders, including management, employees, lending institutions, and a variety of investors. Financial risk extends to loss of market share, potential product or service price reduction, increased marketing and sales costs to combat losses, the cost of capital, and even the ability to continue as a viable business entity.

Reputation Risk can be greatly influenced by exposure in the media. The impact is usually negative when information integrity compromise is the subject. Reputation is a determinant of market impact and success. Respect founded on trust is hard to earn and easy to lose. Twenty-four by seven news media and the Internet have made reputation difficult to manage under the best of circumstances. Managing reputation risk should be one of the foremost goals of any company where trust is intrinsically linked to success.

ZeroPoint Risk Research LLC specializes in the measurement and testing of information integrity, and calculating regulatory, legal, financial, and reputation risk.
www.ZeroPointRisk.com

visit our website