Business process mapping and risk management

Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

Many risk management consultants tell organizations that they must perform a detailed business process mapping and build data flow diagrams of data and users who process data in order to achieve compliance and reduce the operational risk of information security.

This is a very bad idea.

Business process mapping is an expensive task to execute and extremely difficult to maintain that can require large quantity of billable hours. That’s why companies like PwC, IBM, EY and KPMG love business process modeling The added value of modeling data flows inside your organization between people doing their job is arguable. There are much better ways to make your organization robust to a major data loss event without writing out a 7 digit check for professional services and a BPM system from Business Objects, Cognos, Kalido, Oracle, Hyperion, Applix, Pilot, SAS or SAP.

There is a simple and effective way of figuring out data value at risk and mitigating data security threats:

  1. Select the 5 most valuable data assets that your company owns. For example – proprietary designs of products,  due diligence reports of a public company being acquired, and details of competitive contracts with large accounts.
  2. Ask 5 finance, operations, IT, sales and engineering staffers – what is their biggest threat to their most important asset and how badly the threat can damage the asset – on a scale of 1 to 5. Call that “Damage”.
  3. Ask them how often the threat materializes – once a month, once/year or once a decade. Call that “Probability of occurence”.
  4. Quantify the asset value. Schedule 1 hour with your CFO and ask her how much each asset is worth in dollars. The dollar value of a digital, reputational, physical or operational asset to a business can be established fairly quickly by the CFO – in terms of replacement cost, or impact on sales and operations. Call that “Asset value”
  5. Calculate your value at risk = Sum (Asset Value * Damage * Probability of occurrence)

More about bad ideas in 10 steps for protecting customer data

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply