No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Featured

The 4 Dimensions of Risk Fitness Amid COVID-19

How to Prepare for Risk During a Crisis

by Gunjan Sinha
April 27, 2020
in Featured, Risk
illustration of "closed" sign on city with coronavirus in the air

Now more than ever, it is crucial for businesses to prepare for multiple dimensions of COVID-19-related risk. MetricStream’s Executive Chairman Gunjan Sinha outlines the key areas where leaders should focus to guide their companies.

As we move through 2020, the COVID-19 pandemic caused by the novel coronavirus continues to cripple global business with more than 2 million people globally contracting the virus. The last time the world saw such a widespread crisis was from the subprime mortgage crisis in 2008 that caused the worst U.S. recession since the Great Depression.

While we are still riding out the storm of COVID-19, businesses must draw on the insights gained over the last 12 years to address Unknown Unknowns.

Where GRC Can Help

In 2008, governance, risk and compliance (GRC) was just being established in response to banks’ needs for systems to deal with the uncertain times and landscape. With banks facing new regulations, insights into their financial systems would be crucial to properly deal with issues across the globe. GRC software was created to help these entities enact compliance controls, apply them effectively and measure risk management. Since then, GRC software has assisted companies in almost every vertical and provides versatile tools for organizations navigating the COVID-19 crisis. With organizations, governments and health care institutions being stretched in ways unimaginable four months ago, having a plan to address risk is paramount.

In order to enact a strong risk governance program, companies need to review their key risks on a quarterly basis to stay prepared. Organizations looking to avoid unnecessary risk should attempt to identify where and when potential hot spots may arise. Risk stemming from COVID-19 – in terms of geographies, customers, suppliers, business lines and other company assets – needs to be accounted for to provide visibility during a response. Once the relevant hot spots have been located, be sure you have a system in place to assess risk and coordinate with the appropriate parties.

Below are four dimensions of risks to be aware of to maintain risk fitness and overall corporate compliance.

1. Operational Risk

Operational risk covers a company’s people, including third parties, who often form the nucleus to support key business operations. Business systems and processes are increasingly becoming intertwined, so if an incident was to occur inside a supplier’s system, the wider organization and supply chain associated could be impacted. Because of this, the speed of any response is key to a company’s ability to surmount a crisis.

The ripple effect of COVID-19 is causing offices to shut down, suppliers to function on a reduced capacity and employees to work remotely. Businesses can remain resilient by making sure the right controls are in place. Measuring the scope of impact through rapid assessments to employees and third parties can assist in predicting workforce changes or supply chain disruptions.

Technology plays an important role in automating the functions people rely on when we are forced to stay isolated. With IT systems facing unprecedented remote access and usage demands, the risk of high threat levels and vulnerabilities means that cybersecurity plans should also be in place.

2. Financial Risk

Financial risk increases when companies run into issues obtaining financing or when revenues and margins drop. Disruptions within the supply chain can also create problems in distribution and production, impacting sales. This, in turn, can cause missed revenue targets, a lack of clarity to provide forward-looking guidance and facility closures.

Developing a process playbook to serve as a roadmap can help mitigate risk. This playbook gets the essence of the right actions into the hands of the best team members who can take action. As the landscape shifts, the playbook can be adjusted to adapt to the risks that arise. Crises like this require quick action to prevent financial risk. By avoiding reinventing the wheel wherever possible you can save time without cutting corners. Conducting accurate business impact assessments, mass notifications and solid business continuity management are key to avoiding financial challenges.

3. Reputation Risk

Any crisis creates opportunities to excel within an industry, bringing forth a chance to show how you responded better than competitors did. On the other hand, a lack of leadership can create mistrust and confusion within your organization and customer base. The question can arise, if the firm can’t handle the crisis, can they handle my business?

A detailed, compliant framework allows companies to easily coordinate the systems of GRC properly. This can involve unwritten social contracts – think goodwill and reputation – or written contracts with suppliers, regulators, customers and partners.

Another important factor is to review corporate policies to ensure you are complying with regulations laid out by your country or state. Be sure to tighten existing controls in cybersecurity and workplace health. Avoiding risk and ensuring the safety of your workers and business assets should remain a top priority. As consumers and regulatory bodies such as the FCA and SEC push for stronger conduct rules, not addressing reputation risk can damage a company’s reputation even after a crisis is resolved.

4. Strategic Risk

Companies need a complete understanding of how the risks associated with all aspects of their business coexist. During an unprecedented time such as the COVID-19 pandemic, it will not be uncommon for businesses to have to pivot away from tried-and-true business models or processes. A company’s ability to quickly triangulate key personnel risk, business resumption risk and operational risks will separate it from the competition.

The makeup of larger corporations can often be extremely complex. In order to properly pivot, senior management must have a deep understanding of how everything is interconnected; if something goes really wrong, they’ll know how to problem-solve effectively. However, small companies are just as much at risk, as their resources to outlast a crisis may be limited.

What is on the Horizon?

The financial crisis in 2008 has paved the way for 12 years of strong growth from companies that both survived and were able to thrive in a time of economic recovery. With COVID-19, GRC is even more important as workers and business go digital, cybersecurity risks increase and growing globalization forces companies to follow regulations across the globe.

Whether you are part of a large, global bank or smaller local business, GRC is a powerful tool for business leaders to manage compliance policies now and in a post COVID-19 world. There is no one-size-fits all approach to a compliance program. However, the common thread is building a program that is future-proof (i.e., agile and scalable to respond to changes in the market).

By preparing for and investing in a plan to handle future events, your business can hit the ground running during a future crisis. Remember, being prepared is the first stepping stone to eliminating panic and building toward success.


Tags: COVID-19Crisis ManagementReputation RiskSupply Chain
Previous Post

Houston, We’ve Had a Problem

Next Post

A Conflict of Interest: Compliance Officer Whistleblowing

Gunjan Sinha

Gunjan Sinha

Gunjan Sinha is the Founder and Chairman of MetricStream. As such, he helps lead the overall direction and vision of the company. He currently serves on the board of directors of several Silicon Valley companies and was appointed in 2010 to the Board of the U.S.-India Science and Technology Research Endowment Fund by the U.S. State Department to promote entrepreneurship and innovation. Additionally, he has been the Chairman of CFHI.org, which brings transformative health care education to underserved communities. Over the course of Gunjan’s career, he has spent more than 20 years in various entrepreneurial, board and executive positions building innovative businesses. Gunjan was the Co-Founder and President of WhoWhere? Inc., a leading internet directory services company that was acquired by Lycos in 1998, as well as eGain, an online customer service company which he built from inception to post NASDAQ IPO. Gunjan obtained his bachelor’s and master’s degrees in Computer Science from the Indian Institute of Technology, New Delhi and UC Santa Cruz, respectively. He also holds a master’s in Industrial Engineering and Engineering Management from Stanford University.

Related Posts

cfpb building sign

What Does Weakened CFPB Mean for FinServ Compliance?

by Carrie Pallardy
April 30, 2025

Federal deregulation doesn't mean compliance professionals can relax. CCI contributing writer Carrie Pallardy investigates the implications of a weakened Consumer...

supply chain shipping containers

‘You Don’t Want to Be the First Company to Not Comply’: How Trump’s Tariffs Are Shaking Supply Chains

by Cathy Siegner
March 31, 2025

The ripple effects of tariff policies extend far beyond simple cost increases, creating complex compliance challenges that span legal, financial...

news roundup header image papers

Internal Audit Group Prepares New Third-Party Topical Requirement

by Staff and Wire Reports
March 7, 2025

Most organizations expect to increase fraud budgets

turbulent waters

Compliance in Transition: Navigating Political & Regulatory Turbulence

by Anna Romberg and Julia Haglind
February 14, 2025

Returning to core values — not chasing regulatory or political shifts — is the key to sustainable compliance

Next Post
silhouette of whistleblower against numerous other profiles

A Conflict of Interest: Compliance Officer Whistleblowing

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights