RiskNET Summit 2020: Our Conclusions

We were very pleased with the opportunity to present ourselves at this year's RiskNET Summit and found the individual exchange with participants from different backgrounds to be enriching. Read the complete article and learn more about the trending topics discussed in the summit, as well as our conclusions.

July 2020: Considerations, planning and decisions on the events for the rest of the year. Should we? Do we want to? Can we? Should we dare to participate in a “real” event? Our answer: Yes. We decided to go for it and be a part of the RiskNET Summit 2020.

Image 1: RiskNet Summit 2020


Image 2 and 3: Our team and booth at RiskNet Summit 2020

Three months later, the time has finally come. In a reality that is again characterised by uncertainty, clear and binding statements are equally important to good communication and personal responsibility. We find all these things reflected in the content, lectures and presentations at the event. The ability to consider and evaluate major developments, trends and intertwined effects seems to continuously gain importance. The summary of the current geopolitical situation clearly emphasises this and also mentions specific areas that risk managers have to pay more attention to: Revenues might be at risk due to changing global export policies and possibly affected supply chains are just some of the aspects.

The supply chains in particular, and thus also the aspect of third party risk management, have received a lot of attention in recent months and will continue to remain top of mind for any risk manager. Smartly integrating this topic into existing risk management processes seems to be one of the upcoming priorities in order to act cost-effectively as well as to create the desired transparency and, in particular, to achieve an adequate level of security of supply with suitable measures.

There are also some suggestions for risk managers with regard to the continued existence of companies. Finding the right balance between agility and stability is emphasised as a decisive factor, which can certainly be transferred equally to corporate management, the content of individual risks and also to the processes relating to risk management.

One of the new requirements from the revised IDW PS 340 audit standard ties back to supply chains and related risks: a complete risk inventory which thus also includes external risks. This and the other essential changes were jointly deepened in our workshop. We would like to take this opportunity to thank once more the numerous participants for their contributions to the discussion. The conclusion from the workshop leaves us with mixed feelings. A very clear picture was drawn of the current maturity of the risk management process in companies and there was also agreement on the need for action. The concrete way to get there and which methodical steps are necessary, in particular to meet the requirements of the audit standard, seems to still require time and thorough elaboration.

Those looking for possible advice in day-to-day risk management and a practical point of view, were addressed by a number of in-depth sessions. Cyber ​​risks are being looked at from two perspectives: on the one hand, the perspective of a reinsurance company, who ultimately has to evaluate developments, tendencies and real attacks in monetary terms for the respective policies, and on the other hand, the very realistic description of the processes involved in experiencing a “real” attack.

Based on lived reality and real processes, we get insights into the overall processes of a risk management system, including aspects of organisation and communication.

Furthermore, we go deep into the possibilities of quantitative methods by understanding concrete examples as well as incorporating contributions from a scientific point of view. An excursion to statistical methods should not be missing.

We were very pleased with the opportunity to present ourselves at this year's RiskNET Summit and found the individual exchange with participants from different backgrounds to be enriching. As a personal assessment, it should be noted: The methods of assessing risks are of course an important and supporting pillar in risk management. It is necessary and sensible to further improve the existing approaches and methods, and we have received useful suggestions for this. In addition, however, it is also important to continue working on aspects such as risk culture and the acceptance of the processes. Only then will it be possible to achieve a risk management system that is firmly anchored within an organisation and creates added value to it.

Learn more about Alyne in an interview with Sales Director, Claudia Howe, filmed at the RiskNET Summit on 21 October 2020. 

Claudia Howe

Related Posts

A 360 Degree Risk View of Your Vendors with Alyne and SecurityScorecard

Recently, Alyne’s third party risk management capabilities became a whole lot more powerful with the introduction of the SecurityScorecard integration which offers users a comprehensive 360 degree risk view of their third party dependancies. Read more about how you can power-up your vendor governance process with the help of Alyne and SecurityScorecard.
Read more

Integrating Cyber Security, IT and Vendor Strategy for Improved Enterprise Risk Management

This year, United State's President Joe Biden signed a cyber security executive order to increase scrutiny and raise the bars for software security standards. In this article, Christina Casino from Alyne’s Customer Success Team unpacks and explains Alyne’s approach that can help your organisation streamline and integrate IT, cyber security and vendor strategy all within a single SaaS platform.
Read more

Data Security, Data Sovereignty and Data Residency Within a SaaS Cloud Environment

The convergence of big data and hyper cloud infrastructure has created a myriad of issues around the access, use and storage of data. The wave of nationalism and ‘inward focus’ as a reaction to a sustained period of outward-looking globalism is a major reason for this. Data custodians have very strong views and often regulatory requirements around how data should be treated. In this article, Stephen Nyabadza from Alyne’s Sales Team unpacks and explains Alyne’s approach to data within a Software-as-a-service (SaaS) cloud environment satisfies all concerns in this area.
Read more