Posted by: danielrashke | July 21, 2009

Reacting to Threats

All the talk about reforming our health care system has made for at least one positive result: it has motivated us to take a serious look at potential threats to our business.  In addition to the threats presented by the reform effort, we considered other threats such as infrastructure failures, losing our distribution system, losing key employees, and much more.  This serious review has turned out to be a very worthwhile endeavor.

We began by defining a threat as any person, event or action that could materially harm TASC, with three categories of threats: operational, foundational, and strategic.  An operational threat is anything that could affect our ability to serve our customers, examples include being unable to communicate with our customers or unable to perform disbursements.  Threats to our foundation affect our money supply, our owners, management and staff, our product offerings and brand image, and our corporate culture.  Strategic threats include anything that impacts who we serve, how we serve, and how we operate.

The next step involved predicting the probability of the threat actually occurring and the potential impact on the company. This part of the review helped us determine the state of readiness and preparation required to address each type of threat.  As a consequence, any threat that was rated high in probability and high or medium in impact now has a corresponding plan in place or under development, an action plan with careful attention to what we must do to mitigate the impact, and who is responsible.

Here’s an example: One threat we identified concerns the threat of employee fraud, defined as theft of money.  This threat could affect our foundation, as it would impact our money supply.  We set the probability of this occurring at medium, and determined the impact on the company low.  We decided on two actions to mitigate this threat: to develop systems with safeguards, and to separate employee duties.  We are doing this and more.  TASC has outsourced with a Fraud & Ethics Hotline: Confidentially Speaking.  By calling this line, employees, customers and vendors can report misconduct, fraud, incidents, and other concerns without fear of retribution.

Through this process, we identified threats.  We took steps to lower the probability of their occurrence and to limit potential impact on the company.  The end product is that TASC is more stable and secure than ever before, meaning you have further assurance that TASC will be around to serve for a long time.


%d bloggers like this: