CISCO Risk Management
-
Upload
uvmarine8747 -
Category
Documents
-
view
391 -
download
2
Transcript of CISCO Risk Management
1© 2003 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID
Managing Risk in an Uncertain World
Global Risk ManagementCisco Systems
222© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Agenda
• Introduction to Risk
• Enterprise Risk Management
• Managing Supply Chain RiskInnovatioInnovatio
nn CommunityCommunityCommunity
U N I V E R S I T YU N I V E R S I T YU N I V E R S I T YU N I V E R S I T YAIRPORTAIRPORT
EmployeesEmployeesInfrastructurInfrastructuree
EnterpriseEnterpriseRisk Risk
ManagementManagement
BusinessBusiness
333© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Evolution of Cisco and the Internet
Started at Stanford
IPO; 192 Employees
End-to-End Solutions Provider
Cisco Routers Power the Internet; LAN/WAN Switching, Remote Access
#1 Communications Equipment Supplier
Shipped First Router
Advanced Technology Focus:IP Telephony, Security, Wireless, Networked Home
1998199819841984 19861986 19901990 19941994 20022002 20032003
Cisco’s20th Anniversary
New Cisco CRS-1 Carrier Routing System
20042004
444© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Introduction to Risk
Businesses continuously seek to forecast tomorrow in order to make better decisions today.
Risk Management is the process of dealing with uncertainty.
555© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
More Kinds of Crises Are Striking More OftenAnd Doing More Damage, Faster
Workplace Violence: 7 Employees Dead In Chicago Warehouse ShootingCHICAGO -- A disgruntled
employee opened fire at an at an auto-parts warehouse in Chicago Wednesday, killing six people. The attacker was also killed, hospital officials said.
Authorities got a call about 8:45 a.m. local time that a person had been shot -- possibly by a co-worker -- at the Windy City Core Supply Inc., police spokesman Pat Camden said. He said police fired shots as they entered the South Side building.
"A disgruntled employee who had either been terminated or was going to be terminated returned to the business, and that's where the shooting took place," Mr.. Camden said. He added that police tried to negotiate with the man but he refused. Police and the man exchanged fire inside and outside the building.
The Cook County Medical Examiner's Office said seven people died. The gunman and another man were pronounced dead at John H. Stroger Hospital, hospital spokesman Tony Ewell said. No other details were available.
Al Martinez, the owner of a business about half a block from the shooting, said he was at work when he heard the sound of gunfire outside. "We saw a guy shooting at police officers outside the building and saw people running around like crazy," said Mr.. Martinez, who owns Midway Pallets. "We came and saw all the cops running, hiding behind cars."
All buildings within a block of the auto parts and supply store were evacuated.
General Motors Plans Car Recall For Hazard-Warning SwitchesGeneral Motors Corp. plans
to recall about 783,000 Chevrolet Malibu, Oldsmobile Alero and Pontiac Grand Am cars to replace hazard-warning switches. GM said the switches may mal-function due to exposure to rapid temperature changes and a sol-dering process that could cause the warning and turn signals to work intermittently or not at all.
The Detroit auto maker hasn't received any reports of crashes or injuries caused by the mal-function, and expects new re-placement parts to be available during the first quarter of 2004. The recall involves only vehicles built between Feb. 1, 2000 and May 1, 2001, of which about 671,000 are in the U.S. and 88,000 are in Canada.Martha Stewart Profit
Drops 86%; Forecast Is GloomyNEW YORK -- Dogged by
the legal woes of its namesake founder, Martha Stewart Living Omnimedia Inc. posted an 86% drop in second-quarter net income and offered a gloomy forecast for the rest of the year.
The company's core brand will remain under "significant pressure" until Martha Stewart's personal legal situation is resolved, said Sharon Patrick, who took over as chief exe-cutive of the domestic-arts company in June after a federal grand jury indicted Ms. Stewart on charges connected to her December 2001 sale of ImClone Systems Inc. stock.
Martha Stewart Living reported second-quarter net income of $931,000, or two cents a share, down from $6.7 million, or 14 cents a share, a year earlier. Revenue fell 16% to $65.8 million.Reflecting the magazine's woes, second-quarter revenue from publish-ing, the company's biggest business, fell 16% to $39.6 million from $47.3 million. Higher revenue from the com-pany's new magazine, Everyday Food, as well as Martha Stewart Weddings partially offset losses from its flagship publication.
Coke Fountain Chief Steps Down Amid Furor Over Rigged Burger King TestThe head of Coca-Cola Co.'s
fountain division stepped down from his post in the wake of a scandal over a rigged marketing test for Burger King.
The executive, Tom Moore, will remain with Coke in a transitional role, "to ensure a smooth transition," a Coke spokesman said. To succeed Mr.. Moore, who has headed the food service division since December 1999, Coke named Chris Lowe, previously Coke's chief marketing officer for North America.
The spokesman couldn't say how long the transition would take, or what Mr.. Moore's next move would be. Mr.. Moore couldn't be reached for comment.
In June, the Atlanta company first disclosed its employees had tampered with results of a marketing test done three years ago at Burger King restaurants in the Richmond area to test the potential of a Frozen Coke
promotion. Coke has since publicly apologized to Burger King and agreed to pay as much as $21 million to Burger King and its franchisees to patch up relations with the company, which is its second-largest fountain drink customer after McDonald's Corp.
Coke's internal investigation of the incident was prompted by allegations offraud made by a former employee, Matthew Whitley, who is suing Coke in state and federal court in Atlanta for wrongful termination. Coke denies the fraud allegations and said Mr.. Whitley lost his job as part of 1,000 layoffs this year.
Coke has acknowledged that some employees "improperly influenced" the results of the Frozen Coke test. In 2001, Mr.. Moore and other Coke executives rejected a recommendation from Mr.. Whitley and another internal auditor to fire the head of Coke's Burger King account team for his
BioTech Firm Chiron Is Struck in California by Two Small Bombs
EMERYVILLE, Calif. -- Two small bombs exploded and shattered windows on the campus of biotechnology company Chiron Corp., but nobody was hurt and authorities said damage was minimal.
Police and company officials declined to comment on any suspects. Chiron and its executives have been targeted by animal rights protestors recently in connection with the com-pany’s relationship with Huntingdon Life Sciences, a New Jersey company that conducts animal experiments.
Emeryville Police Sgt.. LaJuan Collier said the first bomb exploded at 3 a.m. Pacific time in front of one Chiron building and the second detonated about an hour later at another building.
Chiron makes drugs and is required by the Food and Drug Administration to test its products for safety and effectiveness on animals before it can sell the drugs to people, company spokesperson John Gallagher said. He wouldn’t comment on whether Chiron conducts animal research at the Emeryville campus.
666© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Risk Management
Effective Risk Management includes:
• Identifying and recognizing sources of uncertainty
• Measuring and assessing the frequency of occurrence severity of impact of an event
• Evaluating alterative approaches to mitigate or take advantage of the risk
777© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
New Approach to Managing Risk
• Increasing business complexity, globalization, competition, innovation, technology
• Exposure to new types of risk
• Focus on shareholder value protection and creation
• New regulatory requirements
• Hardening of traditional insurance markets
• Expanded set of sophisticated risk management tools available
888© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Enterprise Risk Management (ERM)-Introduction
• Definition: ERM directs risk management activities in a comprehensive, coordinated, and consistent manner.
• Objective: Design a culturally acceptable process for the routine identification, assessment and management of risks throughout the Cisco (Strategic, Financial, Operational and External).
• Benefit: Create efficiencies and gain value from integrating existing risk management activities and then demonstrate the process for managing risk to our shareholders, employees, customers and partners.
InnovationInnovation CommunityCommunityCommunity
U N I V E R S I T YU N I V E R S I T YU N I V E R S I T YU N I V E R S I T YAIRPORTAIRPORT
EmployeesEmployeesInfrastructureInfrastructure
EnterpriseEnterpriseRisk Risk
ManagementManagement
BusinessBusiness
999© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Enterprise Risk Management
“How Do I take more Intelligent Risks ?”
• Disciplined Decision Making • Risk Timing• Business & Technology
Innovation• Increased Shareholder Value• Industry Leadership
“How Do I take more Intelligent Risks ?”
• Disciplined Decision Making • Risk Timing• Business & Technology
Innovation• Increased Shareholder Value• Industry Leadership
“Is my current Risk level in control?”
• Business Risk Monitoring• Risk Responsiveness• Tolerance
–Controllable Risks–Non-Controllable Risks
“Is my current Risk level in control?”
• Business Risk Monitoring• Risk Responsiveness• Tolerance
–Controllable Risks–Non-Controllable Risks
“How Do I Reduce Business Risk?”
• Risk Analysis• Risk Assessment• Business Continuity
Planning• Business Resilience
“How Do I Reduce Business Risk?”
• Risk Analysis• Risk Assessment• Business Continuity
Planning• Business Resilience
OPTIMIZE GROWPROTECT
ERM
Corporate Strategy
101010© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
The Enterprise Risk Management Continuum
RESILIENTRESILIENT• Advanced BCM• Scalable• Flexible• Modular• Agile
• Advanced BCM• Scalable• Flexible• Modular• Agile
INTEGRATEDINTEGRATED• Business Performance
Monitoring System• Embedded Analytics• Patterns & Trends• Systems View
• Business Performance Monitoring System
• Embedded Analytics• Patterns & Trends• Systems View
ADAPTABLE• Dynamic Data• Real Time Monitoring• Self-Deciding• Self-Optimizing• Self-Correcting
• Dynamic Data• Real Time Monitoring• Self-Deciding• Self-Optimizing• Self-Correcting
111111© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Business Resiliency
RESILIENTRESILIENT• Advanced BCM• Scalable• Flexible• Modular• Agile
• Advanced BCM• Scalable• Flexible• Modular• Agile
Goal: Create a readiness state for Cisco that leads to less volatility, greater predictability and fewer surprises.
Benefit: Develop capability to bounce back quickly thereby protecting employee welfare, customer satisfaction, brand reputation and shareholder value
121212© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Integration – People, Process, Systems and Culture
Goal: Create a strategic process to identify, categorize, assess and respond holistically to hazard, financial, strategic and operational risk
Benefit: Identify risk concentrations and interdependencies as well as offsetting risk patterns to optimize scarce resources and to grow shareholder value
INTEGRATEDINTEGRATED• Business Performance
Monitoring System• Embedded Analytics• Patterns & Trends• Systems View
• Business Performance Monitoring System
• Embedded Analytics• Patterns & Trends• Systems View
131313© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Business Resilience Framework
Key Key Response Response PartnersPartners
•Human Resources•Workplace Resources•Legal•Corporate Communications•Finance•Public Relations•Information Technology•Customer Advocacy•Security•Affected Business Units
TheaterTheaterCrisis ManagementCrisis Management
EmergencyEmergencyResponse TeamsResponse Teams
Executive CrisisExecutive CrisisManagementManagement
BusinessBusinessContinuity ManagementContinuity Management
The following elements are in place:• Site specific Emergency Response Teams – address minutes to hours response.
• Theater Crisis Management- address coordination of Site Crisis Teams and incidents that impact the Theater.
• Business Continuity Management-address processes to ensure recovery of critical business processes, people and systems
• Executive Crisis Management- strategic guidance to Theaters and Senior Management in responding to crises.
141414© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Adaptable
• Vision for the FutureCreate an organization whose Risk Management approach is real time, driven by dynamic data and the ability to self-correct.
• Dynamic Data• Real Time Monitoring• Self-Deciding• Self-Optimizing• Self-Correcting
• Dynamic Data• Real Time Monitoring• Self-Deciding• Self-Optimizing• Self-Correcting
ADAPTABLE
151515© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Managing Risk @ Internet Speed
161616© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Incorporate Risk Analysis
into Planning andOps Review Process
Identify, Assess andPrioritize Risks
Analyze Risksand
Current Capabilities
Gain Consensus onMost Important Risks
and Governance
Develop andExecute Action
Plans/Establish Metrics
Measure, Monitor andReport onProgress
Risk Management Framework
Integration - Close Loop Process
171717© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Typical Risk Management Actions
Type of Risk Typical ActionHazard risks(property/casualty, environmental, liability)
Insurance, mitigation plans, scenario planning
Financial risks(Currency, Interest rate, commodity prices, credit, liquidity)
Financial derivatives, asset allocation adjustments
Operating risks(Inventory, supply chain, capacity, systems)
Supply chain management, alternative sourcing, backup/redundant systems
Organizational risks(Governance gaps, wrong org. structure, Talent/morale, M&A integration)
Governance checks & balances, org structure realignment, talent measurement & investment
Strategic risks(Technology, brand collapse, disruptive competitors, stagnation, customer shift, new project risk)
Double betting, M&A, crisis management, early warning systems, proprietary information, smart product/project sequencing, demand innovation,
Source: Mercer Consulting
181818© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Risk Map (Example Only)
181818
•Strategic Risks:• Brand/Reputation
• Business Model and Portfolio• Channel
• IP Infringement/Counterfeit
• Quality• Resource Allocation/Alignment
•Operational Risks:
• Catastrophe/BI
• Change Mgmt
• Security
•External Risks:
• Competitor• Customer Needs/Product Port
• Legal/Anti-trust
• Regulatory/Taxation
• Technological Innovation
•Financial Risks:
•Cash Flow
•Credit•Debit
• Equity• Interest Rate
- 10-14 - 7-9 - 5-6Count Legend
1
23
4
5
7
8 9
10
14
12
1315
16
17
18
19
6
20
LOW MEDIUM HIGH
LOW
MED
IUM
H
IGH
Impa
ct
LikelihoodColor Legend
- Top Ten - Other
11
191919© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Integration- Gap Analysis (Example Only)
Mgmt Effectiveness Average Risk
Ris
k
Mgm
t Effectiveness
HIGH
LOW
HIGH
LOW
0.00
1.00
2.00
3.00
4.00
Hiring/R
etentio
n
IP Infri
ngemen
t/ Counter
feit
Busines
s Model
and Portf
olioTec
hnological In
novatio
nCompeti
tors
Quality
Resource
Allo
catio
n/Alig
nment
Succes
sion plan
ning
0.00
1.00
2.00
3.00
4.00
Regulat
ory
Securit
y
202020© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Cisco’s Integrated Risk Management Framework
• Improve Corporate Governance & Reporting
Integrate key risk processes and systems
Identify, categorize and transfer out concentrated or inefficient risks
Apply enterprise risk managementto better understand Cisco’s risk appetite
Create a Cisco-on-Cisco story aroundhow we manage risk as part of improving Corporate Governance
Continue to use Risk Review Groupto increase risk education, awareness and information sharing across disciplines
Internal Controls Internal Controls (ICS)(ICS)
SarbanesSarbanesOxley Oxley (SOX) (SOX)
Risk Risk ManagementManagement
(RM) (RM)
Cisco Confidential - 2005
212121© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Partnership
Board
• Policy• Risk Strategy• Oversight• Correction
Executive Management• Establish Policy• Propose Risk Strategy• Measure / Monitor• Report to Board• Enforce
Line Managers• Identify Risk• Measure Risk• Prioritize Risk• Manage Risk• Report and Improve
Risk Management
• Monitor• Coordinate• Educate
• Facilitate• Benchmark• Report
222222© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Managing Supply Chain Risk @ Cisco
232323© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Core Versus Context
Core Context
MissionCriticalMissionCritical
Non-MissionCritical
Non-MissionCritical Outsource
Control SpecsOutsource
Control Specs
In-HouseIn-House Out-TaskTight ControlOut-Task
Tight Control
Out-Task Some ControlOut-Task
Some Control
242424© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Global Factory and Distribution Infrastructure
8 SLC’s Outsourced to 3PL2 OCC’s Shipping from Mfg.8 SLC’s Outsourced to 3PL2 OCC’s Shipping from Mfg.
PCBA SITEBOX BUILDPCBA / BOX BUILD
PCBA SITEBOX BUILDPCBA / BOX BUILD
14 TOTAL SITES4 TOTAL CM’S14 TOTAL SITES4 TOTAL CM’S
Jabil FLJabil FL
Jabil Hungary
Jabil Hungary
CelesticaMexico
CelesticaMexico
Celestica-Thailand
FoxconnChina
Jabil andSLR
Penang
Jabil andSLR
Penang
SLR-TXSLR-TX
Jabil MexicoJabil Mexico
FoxconnHong KongFoxconnHong Kong
Celestica NHCelestica NH
FoxconnCzech
Republic
FoxconnCzech
Republic
CLSToronto
252525© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Mfg Supply Chain BCP Tool
262626© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
272727© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04
Closing Thought………
“Organizations make money by taking risk and lose money by not effectively
managing risk.”
282828© 2004 Cisco Systems, Inc. All rights reserved.FI-EBC-JAN04Presentation_ID 282828© 2003 Cisco Systems, Inc. All rights reserved.