Risk in Information Systems & e-Business (RISE)
Special Interest Group

Group contact details

Dave Canham (Chair) - david.canham@aviva.co.uk

Dave's biography (PDF 265 Kb)

Alastair Allison - alastair.allison@uk.zurich.com

Alastair's bography (PDF 45 Kb)

Daniel Roberts - daniel.roberts@crowehorwathgrc.net

Daniel's biography (PDF 258 Kb)

Matt Hillyer - matthew.hillyer@tnt.co.uk

Matt's biography (PDF 28 Kb)

Next meeting

Future meetings

Group aims & objectives

The Risk in Information Systems and E-business (RISE) is being re-launched with  an emphasis on understanding the risks associated to all aspects of technology, change, security and impact on the front end business risk. The aim of the Group is to bring together risk professionals, students and those with an interest in this area together to share best practice, experience and build an informal network to discuss issues and challenges both internally and externally within their respective organisations. It is the aim of the group to bring together professionals from a wide range of industries and expertise to enrich the debate around technology risk.  The inaugural meeting will set the agenda for the SIG but it is expected the group will meet on a quarterly basis with a  mixture of talks from Industry experts and practitioners, round table’s on specific issues and debates where differing points of view will be advocated by two parties to facilitate a discussion.  Some of the topics suggested for discussion include:

• Data Loss, Is it important ?
• Cyber Crime, is this the biggest threat to companies, economies and countries ?
• What’s the role of the IT Risk Manager within different industries ?
• What does the Cloud mean for companies and the risk profession ?
• What’s the industry standard for the management and delivery of IT Change ?
• How can you minimise the potential for Fraud within systems ?
• Does regulation dictate IT design or does business process ?
• PCI DSS, does it matter ?
• Data privacy legislation, regulation, coverage and approaches
• Social Media, the Internet and Data Privacy ?

Research Paper

The group is currently conducting a valuable piece of thought leadership into the fast paced and dynamic Cyber Threats to business, governments and global enterprises in the name of the IRM. This research is aimed at giving Risk Managers and senior boards some practical guidance and advice in assessing, managing and monitoring cyber exposures and attempting to demystify some of the multiple messages around the subject matter.

The research is covering the following chapters:

•        Definition of Cyber risk – IET leading - Hugh Boyes

•        Tools and models for assessment of Cyber exposures

•        Reaction, resilience and incident management

•        Interpretation and understanding of the multiple standards – IS27001 etc

•        Behaviour, and the impact of Social Media – Aviva leading – Dave Canham

•        Opportunties associated to “Cyber”, it’s not all bad? BAE Deltica

•        Information Security and the Cloud – Crowe Howarth - Dan Roberts

•        Supply Chain, process outsource – Zurich leading - Alastair Allison

•        Insurance for Cyber – AIG leading – Jamie Bouloux

•        Iceberg impact of a cyber loss – TNT leading – Matthew Hillyer

•        Skills, training and capability

•        Investment case for “Cyber”

•        Reputation, brand and corporate response - (Crowe Howarth - Dan Roberts  2nd)

•        Incident Management - (Aviva 2nd)

•        Mobile device security - (Zurich 2nd)

Recent meetings