Perspectives on Application Security and Risk Management

In my last blog post I discussed information security risk management and why the financial services sector aggressively adopted the practice. My recommendation was that the healthcare industry segment needs to follow suit to increase the effectiveness and efficiency of their information security programs. It is refreshing to see evidence that this is taking place. Last week at OWASP’s AppSec USA conference some leaders from the healthcare sector shared their perspectives on information security risk management.

The panel session, entitled “Characterizing Software Security as a Mainstream Business Risk,” represented application security and risk management experts and executives from both the commercial and public sectors, including: Tom Brennan, CEO for Proactive Risk and OWASP Board Member; Ed Pagett, CISO for Lender Processing Services; Richard Greenberg, ISO for the Los Angeles County Department of Public Health; and John Sapp, Director of Security, Risk and Compliance for McKesson.

Rather than focusing on technical issues associated with application security, which you might expect at an OWASP conference, the panel focused on the discussion of risk and the build out of risk management programs. Much of the discussion centered on how the key drivers for risk management needed to be expressed in business terms such as patient care outcomes, customer satisfaction as well as revenue and profit.

Greenburg, from the public healthcare sector, said that for the Los Angeles County Department of Public Health, “It’s all about getting straight to patient care. The department doesn’t really care about IT nor understand what application security is. They can, however, understand risk in the context of their business; how an application security program can help or hinder them from providing the best care possible.”

Sapp from McKesson continued, “When working through the development of our risk management program, we looked at how our application security programs are helping us to achieve our business objectives. Of course, this doesn’t mean we turn a blind eye to technology and security such that we put the business in harm’s way; we certainly don’t want to facilitate a breach. But, a deep dive into the technology isn’t the discussion we were having during our risk management program planning; we left that discussion for the security operations team to engage in outside of the risk management program discussions.”

The panel offered some guidelines to help other organizations build their own application security and risk management programs:

Speak in terms of the business. For example, focus on how to ensure secure banking transactions, how to guarantee private and highly resilient patient care, and how to deliver trusted services to employees, partners, and customers.
The answer is never simply ‘buy a tool.’ Avoid blindly buying products in the hopes that they will solve your application security and risk management problems. It is important to first understand the objective of the risk management program and then select the right tool (s) for the job. As Sapp put it, “a fool with a tool is still a fool.”
Gain a wide range of allies, both deep and wide – focus first on those that have revenue-generating responsibility, followed by those that have audit and compliance responsibility.
Find in-field leaders and champions to establish some grassroots efforts. Leverage your project management team to achieve a quick win or two and then use them as case studies to progress the program further.
Leverage frameworks such as ISO 27002 to establish a baseline level of guidance of how to build out your risk management program and your supporting application security program.
In terms of some guidance for those in the healthcare industry, Sapp from McKesson noted the some highlights from their risk management program.

The top four goals McKesson focused on were:

Harmonizing processes and investments surrounding risk management
Improving the overall risk management process
Establishing application governance
Delivering transparency and visibility through the risk management program
To achieve these goals, McKesson defined a complete set of risk management categories designed to help define, implement and measure progress. Some sample risk management categories include security, quality, privacy, legal and third-party components. Each of these categories play a role in managing risk, and by defining them up front, McKesson was able to establish a comprehensive, formalized risk management program for the entire enterprise. McKesson’s program is designed to encompass its own business risk as well as the risk associated with the products, services and solutions it offers to its clients.

Within each category, McKesson would look beyond the security risk and the business risk; it would do a deep dive into the risk/reward analysis and focus on how to gain the most reward while mitigating or avoiding the most risk. One example of this analysis would include how to lower the total cost of ownership of a system/application versus mitigating the risk to avoid increased operational cost. Another example would include how it could achieve high levels of application quality and resiliency as a reward while mitigating the risk associated with application failures and other critical errors. One final example would be how McKesson could increase the likelihood and close rate of its own sales efforts while reducing the cost of customer acquisition versus mitigating the risk of having competitive disadvantages (such as poor security or poor application quality).

With its program framework in place, leveraging the OCEG (Open Compliance & Ethics Group) framework as a baseline, McKesson began to focus on implementing an integrated application security program. The order with which the company performed the application security analysis was:

Applications that were seeking certification on HITECH (Health Information Technology for Economic and Clinical Health).
New applications that were in development or on the roadmap for development.
Legacy applications that possess the high revenue value for the company.
This analysis and prioritization enables McKesson to make clear, calculated decisions on how to proceed with IT security and application security in relation to its overall risk management program. One such decision revolves around which applications to update or end of life. Without this analysis, McKesson could be making decisions based on poor or limited data, investing potentially millions in systems and applications that should have otherwise been rebuilt or replaced.

With the program in place and the prioritized analysis performed, McKesson was able to select a set of application security products, code analysis tools and consulting services to perform routine risk assessments, prescribe risk mitigation tasks, implement secure application development best practices within its software development life cycle and provide management visibility into the status of an effective risk management program that is application security enabled.

Visit http://1ufabet.com to find out more regarding ufabet In case you're interested in knowing more info on esports betting site, stop by winners If you are not interested in ace333 , then you have already missed a lot. It is so pleasant to work with experts. Learn more to find out more regarding Knee joint supplement.

The Paradox of a Predictable Failure in Risk Management

The current crisis the world fell into two years ago had certainly the widest range of qualifying attributes: financial, economic, social, industrial, and maybe lethal as it dramatically affected and eventually destroyed lives beyond the point of no return. Described by contemporary economists as the worst ever crisis experienced by America for a hundred years, it was however another repetition of what seems to be a cyclical phenomenon: the 1929 crisis, the energy crisis in 1973, that of 1997, and more recently the internet bubble. And despite the lessons learnt from the past, with the technology evolving exponentially and the refined risk management, societies, corporations, institutions, and governments failed yet again by not having the right controls at the right time, substantially creating spiraling consequences that took investors and the wider public by surprise. The causes of the 2008 crisis raised numerous questions, some of them leading to the foundations of today’s capitalism and one of the common sins of humans: greed. Nevertheless, one could have hoped that, with the dynamic of industrial countries and the norms of audit and compliance such as those of Basel II and III, in which operational risk and credit risk are separated, the international financial system would be protected against the collapse of the bank sector. But this was without counting on the intrinsic failures of these very norms, standards and risk management tools.

As a matter of fact, the crisis finds its roots in a simplified scheme: the lack of accountability, mortgages and default on large amounts of money against little income, and finally the liquidity for which the same institutions failed to have sufficient capitalization to cover immediate large needs when the whole system started to present default cracks. The problem of sufficient capitalization became a recent issue with the rise in the prices of commodities, whereas speculators can highly leverage their buying power without offering a real financial counterpart in exchange. And that’s certainly why French President Sarkozy recently called for more regulations on commodity markets. However, progresses in that sense are yet to be commonly agreed or applied by governments and leaders of industrial countries.

Overall, today it is the review or maybe the prosecution of an entire system that is taking place. Questions and concerns from governments, investors, officials, and ultimately the public have found few relevant answers so far. The lack of accountability and transparency from the protagonists directly or indirectly involved in the crisis has raised anger and consternation worldwide. The cynicism displayed by bankers and financial institutions who announced remarkable profits for the last quarter of 2010 may be perceived as a new alarm bell ringing for another major financial crisis yet to come.

This paper presents some of the key issues the financial crisis brought into light in terms of risk management and lack of control from corporations, banks, auditors, credit agencies, and governments. It does not aim to provide a solution but rather gives the reader a fair understanding of what could have been avoided or improved and what may come again should the global financial modus operandi not be drastically changed.

Analysis of the Financial Crisis

An article published in the International Business Time, Financial Risk Management: Lessons from the Current Crisis… So Far, ideally summarizes thesubstantial work that has been done to date to analyze the recent economic crisis and cites examples such as: “Enhancing market and institutional resilience (Financial Stability Forum); Credit risk transfer (Working Group on Risk Assessment and Capital); Observations on risk management practices during the recent market turbulence (Senior Supervisors Group); Supervisory lessons from the sub-prime mortgage crisis (Basel Committee on Bank Supervision); Study of market best practices (International Institute of Finance), and; Risk management practices including the identification of risk management challenges and failures, lessons learned and policy considerations (International Monetary Financial Committee).”

Todd Groome, adviser in the monetary and capital markets department of the International Monetary Fund (IMF) interviewed by the same magazine, asserted that “the epicenter of the market crisis was sub-prime mortgages and structured credit products. With them came innovative financing, such as asset backed security CDOs (Collateralized Deposit Obligations) which were followed by more potent variations such as CDO-squares (baskets of CDOs), and synthetic CDOs (CDOs combined with credit default swaps).” Risks were often under-estimated partly due to product complexity and over-reliance on quantitative analysis, including that done by rating agencies which produced reports that were either wrong or purposely misleading. As Groome pointed out, “taking write-downs in illiquid markets will amplify the loss.”

The downfall in housing prices impacted market downfalls. As such, creation or destruction of wealth often relates to consumer spending and as such may be uncertain. Meanwhile, the direction is quite similar. If one goes down, the other tends to follow. Negative trend implies negative trend. Nevertheless, weak risk management isn’t the only reason. Banks and financial institutions regularly rely on data related to a particular period. However, economies can also experience a non-recurring event when the economy moves into unknown or grey areas.

On another plane, bad risk management still played a role. The problem is that despite the fact the models given in a particular circumstance may have been correct pretty much everyone who has them will use them, all at the same time. This phenomenon tends to increase systemic risk and as such it relates to technical market analysis. Indeed, if there is a consensus amongst users over a specific event, say a bullish trend, everyone is likely to follow that trend and buy at the same time, thus creating a momentum. But for how long will this last?

Cracks in Risk Management and Regulation Opacity

The recent crisis also highlighted a failure in risk management on a large scale, due to a failure of the techniques employed, and the fact that some of the risk managers were not well informed. The home market in the U.S. was the nest in which everything began. Low interest rates and government promoting home ownership by with no or little regulations played a role in the increasing demand for home purchases. Underwriters passed questionable loans over highly leveraged investors in order to create even more loans, fueling a spiral of non-recoverable dirty assets.

What is flagrant today, looking back at the whole process, is the fact that the risk assessment tools used by some investors, despite their sophistication, did not give a realistic picture of what was happening. In other words, although they were certainly giving sufficient information on the potential risks that lending huge amounts of money to low income individuals would create, the likelihood of such risk spreading to a rather large population was totally dismissed by the whole chain of command. Modeling rare events is certainly what the error is all about and not taking them into consideration was the effect that catapulted the system towards a major failure.

Nevertheless, numerous risk managers and experts rang the bell for potential upcoming issues several years ago and whilst greed and arrogance are the common denominators, the irrationality of the markets also comes into light. Clinging desperately to what was an announced disaster seemed to have been the pattern of behavior that inflated the bubble until explosion.

Another root of today’s financial debacle are the regulations applied to some of the instruments used in financial markets. CDOs for instance, often containing a non-negligible part of subprime risk, were heavily exchanged without proper scrutiny from the rating agencies. Transparency becomes a crucial element in the markets’ sustainability. And this is when the accounting standards play a key role for liability valuation and, hence, transparency. The snow ball effect is obvious: no regulations lead to poor transparency, which equally leads to disaster. The financial accounting has proven to be relevant to convey useful and accurate information to markets. Nevertheless, the concept of fair value, for example introduced by the International Accounting Standard Board (IASB) and Financial Accounting Standard Board (FASB), is to “record values for assets and liabilities which are as close as possible to the values these instruments would have in an open market.” As confirmed by Heckman in his essay Transparency and Liability Valuation, the IASB and FASB don’t recognize any difference between methods for valuation of assets and liabilities, which has proven to have perverse consequences as some companies can use the process to turn losses into profits, since liabilities can be valuated at current market price. This has led to the misreading of the balance sheets and profit and loss statements of unscrupulous companies, providing the wrong information to investors and to some extent regulators themselves.

Impact of Liquidity and Failure of the Bank System

The current crisis has shed a light on the fact that the enterprise risk management should not only emphasize the risks to asset and liability values but also the liquidity risk. Liquidity risk is the probability of not having sufficient financial means to cover up liabilities. To some extent, posting collateral poses a liquidity threat as well. In fact, selling off an immature asset engages a loss. As the markets fall into problems, liquidity issues can be drastically worsened as liquid assets become non-liquid.

Liquidity management works pretty much like capital management. As such, the liquidity protection comes with sufficient liquid assets. On the other hand, consistency between cash flows of assets and liabilities can reduce risks pertaining to liquidity. Nevertheless, these strategies may show some limitations during conditions of heavily disrupted markets when credits are unavailable or unsecured. G. Venter in Modeling and Managing Liquidity Risk confirms that “modeling liquidity risk can start with stress tests.” As such, the current market is an example of situations intimately involving assets, liabilities, and credit facilities when cash flow adequacy becomes preponderant. The idea behind the scene is to take into account in the models the different factors which dramatically impact markets. The correlation between price and liquidity comes into the picture and adequately modeling these possibilities can certainly be worth further research.

In 2006, a couple of years before the eruption of the financial crisis, Iyer and Peydro-Acalde discussed the potential risks of an interbank contagion in their research paper Interbank Contagion: Evidence from Real Transactions. They exposed and tested the impact of interbank dependencies over a fraud cause. Interbank markets are crucial to provide liquidity into the overall financial system and actively play a role in monetary policies worldwide as well. The research of Iyer and Peydro-Acalde came to the conclusion that “as the exposure to the failed bank increases, the runs stemming from the higher fraction of deposits held by other banks drastically increase. These results lend support to the theories of financial contagion due to interbank markets.” This is indeed the exact phenomenon observed in 2008 when major banks reached the potential bankruptcy threat. The interbank markets dried up, obliging governments to first inject cash through loans, capital sharing or even nationalization.

As such, the Iceland bank system is now a school case of its own. The three main Icelandic banks, namely Glitnir, Landsbanki, and Kaupthing, were tightly interconnected. With a high reliance on similar macroeconomic models and business partners, they appeared to be dangerously related to one another already on paper. The chain reaction triggered by the difficulties of one bank would mean diminished confidence in other banks, thus shrunk liquidity available from potential resources and financial partners. The worst part of the picture lies in the fact that these three banks encompassed the vast majority of Iceland’s financial system. Hence, one would have conspicuously assumed that a possible failure would have a dramatic impact on the Icelandic economy. However, the reality was often disguised by biased official reports about the financial health of the Iceland bank system, which certainly contributed to further deepen the crisis as investors would be grossly misled.

Eventually, the arrogance of the system ended up in a painful stake. Borrowing in wholesale markets became an issue and banks chose to open high interest savings accounts pretty much everywhere in Europe. As such, Icelandic banks, with government permission, used these savers accounts to provide the liquidity they could not obtain elsewhere. At the end of the story, deregulation and uncontrolled privatization of the financial system in Iceland led to its demise. Lack of ownership from supervisory regulators and governmental bodies and failure to recognize a systemic risk in an artificial economic growth widely contributed to the fall-out of the Iceland financial institutions and overall system.

Ultimately, when the banks were heading for failure the Icelandic government opted for a gamble on resurrection rather than closing the banks down. The government’s bet failed and Iceland suffered a systemic crisis in return.

As reported by the Telegraph in its 10 March 2009 edition, it was now a matter of “twenty billion dollars here, $20bn there, and a lush half-trillion from the European Central Bank at give-away rates for Christmas. Buckets of liquidity are being splashed over the North Atlantic banking system, so far with meager or fleeting effects.” A very alarming situation, quite unreal as one may have observed.Numerous economists are now warning the world’s central banks to focus on the right issue now rather than later. Creating further liquidity without proper backup means such as gold or a strong economy is likely to fuel the disaster.

York professor Peter Spencer, chief economist for the ITEM Club, said at some point that the global authorities had just weeks to get this right: “The central banks are rapidly losing control. By not cutting interest rates nearly far enough or fast enough, they are allowing the money markets to dictate policy. We are long past worrying about moral hazard.” For instance, in Europe, the European Central Bank (ECB) was facing a dilemma with a record high inflation forecast at 4.1 per cent in July 2008, the highest since the monetary union advent. Meanwhile, the worse is probably yet to come as fragile countries such Iceland, and now Spain, Italy and Greece, which are sharply falling into recession, may be running out of liquidity and may have to be backed up by other European members. The question at the end is: Will the European tax payers accept to pay this bill when their own country is at risk? Hence, this may show the true reality of the Eurozone: the weak solidarity of a supposedly mature organization, in fact not quite yet ready for the real thrill.

Finally, major banks like Citigroup, Merrill Lynch, UBS, HSBC and others have recently stepped forward to reveal their losses. Two years after the crisis hit the world, the IMF (International Monetary Fund) estimated the total losses to reach $2.28 trillion. But it seemed to have been just a beginning.

Passing the Risk: Who is Next?

As described above, financial crises appear to be repetitions of History. Working cyclically, they differ from their inherent nature though. For instance, the current crisis rose from the weakening of the U.S. home market and became a global crunch. Furthermore, the fact that the problem spread from financial and banking sectors to the entire economy at a global scale in such a short time made it a quite unique momentum. Increased speed, advanced communications and information technologies evolving exponentially have created a greater risk with deeper and long lasting consequences as ever before. Global markets with stronger interdependence and high complexity are paradoxically more prone to correlated risks.

Most people are driven by the simple desire to succeed and do well financially. This means they work harder, enhancing productivity, creativity and innovation. But where and when does this legitimate feeling get overtaken by greed and unscrupulous envy? Why does a minority change the principles of innovation into a gambling leverage for immediate profits?

If one considers some of the past economic crises such as the London Market Excess (LMX) fall out in the late 80’s and the equivalent substitutes during the following two decades, they all started at some point from promising innovations. These initiatives were all new and seen as very profitable during the early stages. And they all implied a promise on huge benefits, fast and furious. However, the promise turned hopes into ruin and despair. Out of the multiple questions this series of dramatic and unfortunate events can raise, some of them could pose the problem of the impact of risk management that is meant to promote innovations that work and praise individuals for their will to succeed.

Two important factors can shed some light: the fact that new communication means have propelled the finance community to another level of instant profits driven by frenetic greed. Rumors, news whether good or bad instantaneously drive markets to their best or worse. Data signification is amplified far beyond comprehension in a momentum that magnifies exponentially in spiral dive fallout when not controlled adequately. And on another plane, looking at the amplitude of the issue, there is no doubt that financial markets, industries and economies are now fully interdependent. The impact economic and financial shocks can create are far beyond the spectrum of a region or even a nation and can be wide-spread on a global scale instead. While the LMX fall out was limited to the reinsurance market in U.K., the Internet bubble at the beginning of the past decade had a wider range globally but yet remained restricted to investors who had placed financial interests in the sector. From a weakening home market in the U.S., the 2008 crisis shortly developed into a global financial issue bringing down economies, industries and sometimes governments worldwide.

A parallel can be made between the LMX spiral and the subprime fiasco that ignited the global crisis. CDOs and similar financial products were created to temper the risks generated by unscrupulous investments by diluting them into cleaner credits. However, the plan did not work as expected and spread all over the credit system. In fact, Schwartzman (2008) confirmed that the LMX spiral and subprime debacles share similar roots by saying: “an attempt to mitigate risk by spreading it to market participants, a series of new and complicated instruments not understood by most people and not even well understood by market professionals, a pool of unsophisticated investors not adequately advised of the risk they were taking on, a collection of unscrupulous brokers who took advantage of the situation to increase commissions by encouraging as many deals as possible with no concern as to how they might play out in the future, and huge profits that continued as long as nothing happened to change the situation on the ground.”

Conclusion: Towards a New Order?

Following the debacle of the financial and banking systems in 2008, one could have hoped that executive managers would be taking a more serious insight of what risk management is all about. Indeed, their priority has always been to successfully run corporations in which investors had shares and interests. As such, incentives based on performance should have sent a clear message to these top executives who should have then adjusted the risks they were willing to take for their company and somehow as well as for themselves as professionals. But this is the theory of should have happened and not what happened at the bottom of the chain. Indeed, the fiduciary responsibility of many was not met.

Meanwhile, the vast nebula created around financial markets has, until recently, hidden the fact that the credit crisis was in the end caused by unscrupulous people who were seeking short term profits rather than long term growth. Lenders with few scruples did take advantage of credulous borrowers, and fortunately or unfortunately these lending businesses disappeared killed by their own counterproductive strategies. Borrowers lied about their incomes to live in homes they could not afford in reality and were given full consent by lenient banking institutions. This spiral of controversial and ineffective stubbornness towards failure could have been stopped or maybe controlled if a relevant structure of regulations had been put in place. Improved and stricter regulations on loans policies could have avoided a large chunk of the crisis dramatic effects, but will those rules, if ever truly and transparently implemented, ever prevent futures crises?

Unfortunately, history reminds us that for each regulation or procedure created there is a loophole that can be exploited. Hence, the whole issue lies in the effective design of regulating systems, taking into account the various risks inherent to the relation between economies and private investments. Better focus on the matter would certain reduce systemic problems in the future and it is becoming now a serious concern in Europe and the U.S. who are looking at introducing enhanced reforms on the regulatory system and the quality of rating agencies. Improved risk management is now a definite requirement. The systems in place today are too limited to encompass the numerous issues they are intended to address. Hence, weak risk management systems imply more risk. The role statistical and probabilistic models play in the equation is far from being negligible. However, they often tend to focus on the wrong perspectives such as the occurrence of a major loss in a year rather than the likelihood of a Black Swan event for instance. As such, models must not be considered as finite and should evolve and adapt in correlation with their environment. The key to prevent markets from dramatically failing beyond control may also simply lie in the capability of predicting these rare events, a concept that is yet to be fully understood and mastered.

Risk Management Certification: Becoming A Risk Manager

A risk management certification is a great example of a rewarding and useful business accreditation that is achievable by any individual with sufficient academic training and work experience. These certificates are conferred by a variety of different oversight associations that monitor the risk management industry, and work with professionals and academics to move the industry forward.

Earning a certificate in this area can lead to a variety of different and rewarding careers. Each of these diverse paths represents a unique and exciting opportunity to realize an increased feeling of prestige and sphere of responsibility within the workplace, as well as earn a greater level of income. One example of a career in this area includes becoming a business management consultant that specializes in risk identification, analysis, and mitigation. However, the majority of individuals who obtain a risk certificate become internal risk analysts or risk managers within a specific organization

When an individual completes a certificate in risk, they are exposed to a broad, skill-based management training curriculum. This certification training prepares the individual to become a competent, resourceful, and contributing member of an organizations management team. A certified risk manager is trained how to identify the unique business risks the organization is exposed to, how to analyze both the risks themselves and the factors that drive their occurrence, how to quantify both the probability that these risks occur as well as their impact should they occur, how to prioritize the risks and devote appropriate resources to their mitigation, and how to monitor the organizations operation to predict when risks may occur.

A successful manager of risk must not only understand the ins and outs of risk identification and risk assessment, but must also possess an understanding of resource management and also be an effective communicator. This manager must be able to prioritize the risks the company is exposed to, and focus resources both efficiently and effectively on the mitigation of the most threatening risks.

Some other roles and responsibilities of a typical risk manager include;

Within some organizations a manager of risk is charged with overseeing the company’s compliance with government regulation, legal code, or industry specification.

This manager can either me a member of a risk oversight team, or be charged with overseeing the team itself. This team is responsible for conducting the day-to-day processes of risk management, and working with representatives of senior management to guide risk-mitigated decision making.

Adapting, developing, implementing, monitoring an organizational risk identification and monitoring policy that outlines and codifies the organizations approach to operational hazards.
Many organizations, especially larger company’s with expansive operations, have a top-level risk oversight position, such as a Chief Risk Officer. This C-suite level position is responsible for the overall effective and efficient governance of the organizations business risks, and reports to the company’s executive committee or its Board of Directors. Any individual that is interested in reaching this exciting, rewarding, and prestigious executive position would be very well served to earn a risk management certification.

Applying Collective Intelligence in Risk Management

I was reading a risk management blog today and was very impressed with the technical article covering various aspects of solvency and valuation of insurance industry. As I was reading it, my mind analyzed the information with respect to various laws, sections, cases etc. After finishing reading it, I took a breath and thought- “I actually felt like referring to various books to understand the article, will a regular business operation employee actually understand it?” This resulted in a depressing thought- “I do the same, to show my knowledge; I mention sections and case laws of various acts which leave business people stumped.” Well, in my defense I will say, it gives a heightened sense of satisfaction and success.

Somewhere I feel risk managers ( referred to as RM) are having their cake and eating it to. The primary responsibility of managing risks is of business operation team. The RM’s role is of a support function, a facilitator to the business. The business managers are not being provided with the necessary information, knowledge and tools to proactively manage their risks. Let me explain why I am making this statement.

In their role as auditors, they are focused on what went wrong in the past rather than equip the business managers to how to deal with the future. It is a feedback rather than feed-forward system working. The other aspect is that they in their role as advisors issue guidelines and policies without the complete involvement of the business people.

Scenario 1: Let me take a scenario here of implementation of information assurance policies. The RM will discuss the overall requirement with the business managers, prepare the policy, take feedback regarding it and then issue the final policy. Then they will tell business users to implement it. Since in quite a few areas implementation may not be possible, exceptions will be granted to the business users. In nutshell, around 75% of the policy only will be implemented.

In both these roles the involvement of business operations team is minimal at the commencement of the project. They are expected to implement the recommendations.

Considering the above mentioned short comings in the above mentioned approach, I wished to explore the concept of collective intelligence and its applicability to risk management functions.

As a first step, let us understand the nature of information and intelligence which risk managers require to conduct their jobs:

1) Organizational Intelligence- Information regarding processes, structure, culture and technology. These they normally get from the business managers through interviews and review of standard operating procedures.

2) Commercial Intelligence- Information regarding the external environment- customers, suppliers and competitors. This information they obtain from interviews with business managers, customers and suppliers. Other sources are various media and research reports published.

3) Technical Intelligence – Information regarding the various laws, acts, methodologies and tools applicable for risk management. RMs have the knowledge on how to conduct the risk management while using this information appropriately.

As can be seen business managers have more information and knowledge on two of the three intelligence capabilities required for conducting risk management. In a more collaborative approach the risk managers should be able to impart their skill specialization to the business managers effectively.

The question is how can this collaborative model work? Let me take the example again of preparing information assurance policies.

Scenario 2: In this scenario the RM puts up the objectives of preparing and implementing information assurance policies along with a table of contents and broad outline on the intranet. Now it is open to the employees to contribute and decide how it should be developed and implemented. The employees comment on what is applicable, how the process works, what are the bottlenecks and challenges, who should review it, how it should be implemented etc. The RM identifies the major contributors and meets them up to interview them. Based on the web interactions and meetings, the RM prepares a draft policy document and uploads it on the intranet. Again the employees are invited to review the same and provide feedback. After incorporating the feedback, the risk manager proceeds to obtain approval of the senior managers.

In this approach the RM has the buy in of the employees before the finalization of the policy. Hence, implementation will be easier since employees feel a sense of collective ownership and responsibility. This will enable adoption of information assurance polices as part of organization culture.

To further delve on the approach, I am adding the example which I read in “Collective Intelligence- Creating a Prosperous World of Peace” fore-worded by Yoachai Benkler and remixed by Hassam Masum. I have adapted the example “Three ways to storytelling” to the risk management function.

Three Ways of Story Telling- Risk Management Adaption

Let us formulate three societies for risk management: Red, Blue and Green. Each society has specific procedures on how to conduct and discuss risk management activities.

Red: In Red society hierarchical top down approach is followed. All the risk issues/ observations can be reported by the risk management department to the CXO’s. Business operation manager is required to go to their respective RMs to discuss their issues. A business process team member has to route their risk issue/ query through the business operation manager to the respective risk manager.

The senior management issues the guidelines, policies and reports to the business operation team. The business operation team members hear regarding the issues only from the senior management and implement accordingly. In this case, an employee’s understanding of risk issues is at an overall level controlled by the senior management. An employee’s perceptions and knowledge are based on the information provided to him/her by the seniors.

Blue: In Blue society again hierarchical top down approach is followed however with a slight difference. Here the business operation manager can bring up the risk issues directly to the CXO’s attention. Then the risk management department and business operation manager work in collaboration to address the issue. In this case, a change agent from business operation team can be nominated to address the risk issue.

In this scenario, the business operation team members hear about the risks which senior managers, RMs and their elected change agents inform them about. The employee’s perception, knowledge and awareness on risk issues are governed by this select group. Though information is not controlled as in the completely top down approach of Red, it is controlled by the major key players in the business operation team.

Green: In Green society the approach adopted towards risk management is of collective intelligence. Business operation team members can put all their concerns, suggestions and problems regarding risk management on the intranet. The other team members including the risk members would discuss the same on intranet and meetings, to suggest a solution to the issue and mitigate the risk.

In this scenario, the business operation team members discuss the issues which concern them. There is no control from a senior manager regarding the topics to be discussed, and no permission is required for the same. The flow of information regarding risk management is through multiple channels- team members, business managers, RMs and CXO’s. The information which an employee has is extensive and he/she is well informed regarding the subject. The perceptions and awareness is built through multiple sources of information.

The problem with the collective intelligence approach can be that employees have extensive information and on what basis will they decide the relevance and applicability of the information. How will the risk management function operate? The adjacent diagram depicts the steps for using collective intelligence in risk management activities.

The main advantages of this approach are:

1) Risk management department generally faces the challenge of adoption of risk management practices by the business operation team. There are enough people who commence the process, but for implementation a significantly higher number need to be knowledgeable about the issue. This requires focused efforts of building awareness and training. The cost of training and implementation is subsequently quite high. With collective intelligence approach a significant mass of people are already aware and knowledgeable about the issue. Hence, cost and time of implementation is lower.

2) Whistle blowing is the only option which is allowed to employees to bring a critical issue to light. This has a lot of negative repercussions on the employee, management and organization. With open communication, the employees will be able to discuss the smallest issue of corruption, illegality and unethical behavior without hesitation. Risk of exposure will also inhibit employees from indulging in such practices.

3) The other aspect is that this approach fulfills the psychological needs of the employees. The approach provides a sense of ownership to the business operation team and this motivates them to implement risk solutions. The RM are adopting feed-forward system by guiding the business operation team into doing what is right in the future. Rather than focusing on providing a critique on what has been done wrong in the past.

4) This approach encourages innovation and adoption of new ideas. Employees are encouraged to do their own research and revert back with their feedback. They are not told on what they should research on. The diversity in thinking works effectively in providing better solutions.

5) Last but not the least, a sense of collaboration and cooperation exists between all the departments. It breaks down the walls which managers construct to work in silos.

Do you think this approach is worth adopting for risk management function? Presently, most organizations are adopting the Red and Blue society approaches to risk management. What according to you would be the inhibiting factors for applying collective intelligence for risk management of Green society?

Another point not to be missed is which I think might be the unconscious agenda when I started exploring this concept. It significantly reduces the work and responsibility of RMs. They can chill!

Preparing Annual Risk Management Strategy

Organizations would be focusing on preparing the risk management strategy and plan for 2011 as it is the last quarter of the year. Normally, Chief Audit Executives, Chief Risk Officers, Head of Internal Audit, Chief Information Security Officers, Head of Compliance, Head of Ethics and Head of Fraud Risks are very busy in the last quarter finishing off the year-end targets, objectives and key performance indicators. The next year strategy is developed from the previous year reports, observations, balance score cards and risk dashboards. A simplistic risk management strategy focuses on the following:

1) Financials -Developing a budget and other cost indicators

2) Operations- Preparing audit and review schedules. Listing out policies, procedures and manuals to be prepared and reviewed.

3) Resources- Formulating a hiring and a training plan

4) Knowledge – Developing knowledge bases, writing research papers and upgrading risk management tools and software.

Risk management has become complex and critical in the present economic environment. Without sophisticated and skilled risk management departments the organizations may face multiple disaster scenarios. Globalization, technology, economic environment, regulators, competitors, and speed of change, all have contributed in making business operations more complex. Risk management departments need to gear up and develop annual strategy considering these aspects in mind.

Five suggestions for preparing a comprehensive annual strategy are given below:

1. Break the Silo Approach

Depending on the size of the organization, the organization may have a number of departments focusing on risk management. To name some, in respect to the department heads mentioned in the first paragraph, we have Internal Audit, Fraud Prevention & Investigation, Compliance, Information Security and Business Ethics. These departments generally have some overlapping functions and turf wars. Silos are formed and the senior management has difficulty in making sense of various risk dashboards and reports presented by the department heads.

Prepare individual plans for the departments and roll them upwards to have a combined one of all risk management departments. Prepare one single strategy and plan for the organization as a whole to present the same to senior management. Present a plan to the management which emphasis on the top risks to the organization, with a plan to mitigate and control them. The management will have higher respect and provide greater support to the integrated approach. Various risk management departments will also be able to save cost and time on monitoring various risks by reducing duplication of work, leveraging synergies and sharing tools and information.

2. Determine Risk Philosophy and Appetite of the Organization

In some cases, the risk management departments present a risk dashboard to the senior management of the organization. If the CEO of the organization asks “Can I hold you on this? Are you sure that if these top 10 risks are mitigated, the organization will sail through the year?”; the head of the department generally cannot a say a definitive “yes”. The answer is given with a maybe, but, if etc. but not a “yes”. So the question is how should a head of department address this concern.

Risk managers need to determine the risk philosophy and appetite of the organization. To assess the risk philosophy, understand the organization culture and environment. The way business operations are conducted daily and the organization’s strategy are good indicators to find the risk philosophy. Assess whether business has an aggressive or conservative attitude towards risks for achieving business goals.

Risk appetite is the amount of risk which the organization is willing to take to undertake business activities. A simple question to ask the board of members would be -“What amount is going to make you uncomfortable if it appears in the business newspapers?” Consolidate the risk exposures from the various risks identified by the risk departments and present it to the board. Finally, assess whether the company’s internal outlook on risk philosophy and appetite are consistent with the viewpoints of the board and other stakeholders. Realign the two where required to prepare the annual strategy.

3. Understand and Integrate with Business Strategy

In a few companies, the annual strategies and plans of business and risk management are drawn up in parallel, with neither having information of what the other is planning. The risk management strategy cannot be internally department focused. The risk department heads need to obtain information on the business strategy of the organization to understand strategic risks.

For example, obtain information on new products and services which the organization is introducing in the coming year. Identify the territories, branches, and countries which the organization is planning to expand its business operations. Determine what will be the risks of expansion and innovation. Let us say, a USA company is planning to introduce its products in India. Now India has different laws, regulations and taxes. Also, the operational risks are different. Understand these risks and integrate them in the annual strategy and plan. This way, neither the risk management departments nor the business operation departments will be surprised. The budgets and plans would be incorporated and approved before the year commences, hence there will be limited fire fighting.

4. Focus on Building Relationships

One of the grouses which risk departments have is that they are not on CXO’s radar, do not have direct reporting to the top or representation at the board and are sidelined from the critical business operations due to negative perceptions.

Plan for the coming year and prepare a wish list. Include in it time required from CEO and other CXO’s, formation and membership of risk oversight committee, a new organization structure with the head directly reporting to CEO and a nomination at the board. Discuss these aspects with the CEO and senior management during plan preparation. This will ensure that the senior management schedules the requirements in their plans. Insist that the CEO puts risk management as one of the points in his/her personal balance score card. This will make sure he/she is dedicated and committed to risk management throughout the year.

Discuss the composition of the risk oversight committee and audit committee. Identify the members you wish to nominate who support risk management initiatives. Define the process of reporting to the board and the audit committee. Get their commitment for board nomination and new organization structure for risk management departments. Start the groundwork for building relationships at the planning stage itself.

5. Assess Competitors Strategies

The risk departments are generally happy with what they are doing and discover information about tools and methodologies from various institutes periodicals, magazines and conferences. In a few cases there is some focus on the operations of risk management departments of competing businesses and organizations.

Determine which organizations are competition to the business in respect to products and services in various territories. Focus on finding information of the risk management department operations of these organizations. Find out which risks the organizations faced, how they were mitigated, what kind of tools and knowledge bases they are using, what are the staff strength and the skill set and the organization structure. Will some of the practices result in cost savings and better synergies within business? Determine the similarities and differences, and assess what can be incorporated in your organization effectively. There are some lessons which can be learned from competitors success and failures. Leverage on competition knowledge to learn these lessons.

The above mentioned five points are those which can be easily incorporated to prepare a comprehensive annual strategy. There are a few other things which the risk management departments can look into. Some of them are, introducing ERM, building risk management department’s brand, applying collective intelligence etc.

A single line of advice would be to look at the bigger picture and question the status quo. Put on your thinking hats and prepare a new strategy. Wishing you all the best for preparing the annual strategy.

How To Look Professional Online

There are billions of people who are using internet for professional purposes. It is called online reputation management. No matter what field of work you are in, online content is powerful in making and marring the image of a person. Though no specific rules define professional behavior online but it is advisable to follow some basic steps in order to look more like an expert and less like an amateur. Here is a guide to help you put your best foot forward on the Web-

The best stands out

The internet does not filter out items you don’t want other people to see. If somebody key in your name into Google then it will deliver the most relevant results. So, load the web with professional content that reflects well on your name.

Maintain your reputation

Your privacy and reputation should be taken care of. This process is time consuming but try to dedicate some time to find out and remove dubious content. For e.g. If your friend an objectionable photo on Facebook, try and remove the tag yourself. Make sure, no questionable content should be available related to you on web. Though it is virtually impossible to entirely remove the content once published online but your best option is to keep negative materials from ever hitting the web at the first place.

Protect personal information

Protecting password and other vital information is of supreme importance on the web. If anyone gets access to your account, it may ruin things beyond repair. People get victims of identity theft, sometimes financial resources get stolen and other times computers are hacked. So, the password should not be easy-to-guess thing. Keep on monitoring all accounts on daily basis.

Branding is must

Maintaining online reputation is not just being safe about your data but think of your online reputation as a product that needs to be marketed continuously. Creating a business fan page on Facebook, joining professional sites like LinkedIn, writing a blog are some of the effective ways to manage your professional presence. It will be great if colleagues and clients review your services or goods. Honest reviews are powerful. Never forget smart web surfers can quickly spot fake reviews. Try to be consistent with messages and profiles. While writing content, make sure you use the same logos, slogan and even fonts. When anybody offers criticism, respond amicably and figure out the solution to solve the problem.

Cash your expertise

It is important to be online to pump up your reputation in unlimited ways. There is no better way to present yourself as a well-rounded, trustworthy professional than blogging about a topic that interest you. This initiative will help you establish as an expert on a relevant subject. Even you are not among world’s top experts but putting a thought and value into online content is always appreciated.

The internet memory is accurate

Internet never forgets. If you put write anything online, it is there forever. So be cautious and vigilant what you are feeding it. Not everyone is happy with the internet’s long memory but your vigilance is your best protection.

Impact of Smart Technology on Data Entry Processes

With evolving smart technologies, the entire process of rendering data entry services has become way easier. Smart technologies are now helping businesses strategically and economically by generating data from every possible source including mobile phones, industrial equipment, smart accessories and personal computers.

Data entry services are considered to be “smart” on their responsiveness with respect to the incoming data. Businesses are looking for effective ways to manage data for obtaining better value and supporting their ultimate objectives.

Smart technologies tend to engage people and various smart devices with the related business, for better processing and collection of data from designated sources. For supporting and coping with the current evolution of such technologies, processes are being constantly renewed.

There are various smart applications that enhance data analytics processes and make them even better. These include Cloud Computing, Internet of Things, Smart Data and Machine Learning.

Need of Smart Technology
Data entry services, when offered with smart technologies provide real-time data processing, thus improving business’s economic growth and providing a business-friendly option with efficient data management.

When looking for a suitable smart app for your business, you should always consult a data entry outsourcing company.

Nowadays, businesses are striving for more innovative strategies while incorporating these smart apps.

It eradicates the need of paper documents.
It provides innovation with a customer-centered approach.
These technologies are all industry-oriented, providing accurate results
These are scalable and easy-to-adopt.
They work even better with unorganized data volumes.

Collection of Data via Smart Technologies
Smart technologies assist in collecting and assembling data through:

Intelligent Capture replacing template-based data extraction with an efficient capturing module and natural language understanding.
Mobile Data Entry for collecting data on various mobile devices, enabling smart data entry services.
Robotic Process Automation (RPA) providing the latest smart recognition technology for improved data processing.

Data Alteration through Smart Technologies
For better use of these technologies, data entry services and methodologies are continuously being reshaped and revised, allowing organizations to take competitive advantage, along with enhancing cost-efficiency and security of business operations.

Smart technologies include Artificial Intelligence, Machine Learning, Internet of Things have now replaced manual processes that are more time-consuming, providing lesser room for human errors.

Let’s talk about a few of these technologies:

Artificial Intelligence and Machine Learning are more responsive and secure when it comes to managing any repetitive task, recognizing various patterns and enhancing the accuracy level.
For expanding number of data sources and creating a connection between people, internet, devices and businesses, IOT (Internet of Things) is used extensively these days.
From cloud computing services based on data entry services, businesses can derive benefit and manage the complexity of their data infrastructure.

Effect of Intelligent Technologies
Smart technologies are drastically casting a positive impact over data entry services and rendering a friendlier approach, providing benefits in the following ways:

Better and more composed process, leading to reduction of human errors.
It has become faster and more efficient with easy management of data in bulk and from different sources like paper forms, scanned images and much more.
Streamlining the business operations and changing the perception of businesses to deal with data management projects.
Increasing the potential to scale data entry processes and utilize innovative techniques.
Enhancing the ability of businesses to manage remote projects more effectively and receive client data irrespective of network availability.

With data entry services supported by smart technologies, you can better achieve your business goals with an efficient management and processing of data.

Understanding the Importance of Residual Income

This article is aimed at explaining the importance of building residual income and also to explain the need for individuals to leverage network marketing business model if their dreams are to gain financial and time freedom. So, even if you presently work a job or business, it is needful that you pay attention to network marketing so as to develop residual or passive income over time.

The commonest way that people define residual income is “income earned while sleeping”. Is it really possible to earn income while, all the while, you are asleep? This may sound strange to some people but, yes, it is possible.

The importance of residual income in a man’s life finds expressions in the statement of the billionaire investor, Warren Buffet, in which he stated that “if you don’t find a way to make money while you sleep, you will work till you die”.

Residual income is a concept that many ignore without understanding that their future well-being is dependent on it. And with what result? With damaging consequences.

By going to work every workday and receiving a salary at the end of the month, you’re simply exchanging time with money. Your salary is not residual. If your work stops, your income stops automatically.

Let me explain residual income with the following example.

Imagine two men in a village. Both have to walk a mile every day to a river to get water for their families. After a month, one man starts working on building an underground pipeline to connect the river to his house. For an entire year, he expends extra energy working on his pipeline. When he finishes, he has the source of the water directly to his house, while the other person continues to visit the river.

Residual income is like building a pipeline to connect water from the source to your house so that you don’t always have to go to the river.

In that short example, you will notice that it took some time for the pipeline to be constructed. But having done that, the man continued to enjoy water supply effortlessly.

However, the second man who failed to take the same initiative had to continue to visit the river for his water supply. What will happen if he becomes indisposed? He and his family will stay without water and suffer its consequences.

There exist many business initiatives that you can leverage in your effort to build residual income. But I do recommend network marketing, or MLM as some would like to call it, due to the fact that it doesn’t requre a tonne of investment capital to set up.

A lot has been said about network marketing by various network marketing professionals but many still feign ignorance about it.

The reasons people WON’T take a look at network marketing is NOT:

• because they don’t have the money.

• because the opportunity or business isn’t good.

• because they are worried about being scammed.

• because the profit margins aren’t high enough.

• because the demand for the product isn’t wide enough.

• because they need to ask their spouses first.

• because they need a night to sleep on it.

• because they need more time to research the company.

• because they need to get on the phone with you to join.

• because they have to ask other people on Facebook to see if you’re a good sponsor.

• because they need to see your bank account to prove the results.

• because they don’t believe in it.

The real reason they don’t join network marketing business opportunity is that they have been conditioned by society to be consumers of goods and not producers.

.They have been conditioned to buy “education” but not to buy knowledge.

.They have been conditioned to have a “job” but not to own a “business”.

.They have been conditioned to be workers but not to be their own bosses.

.They are non-thinkers instead of go getters

.They are intimidated by anything that challenges them.

That is what this is really about. It’s about people who are so afraid of learning, and stepping out of their comfort zones and being paralyzed by their fears.

It’s about being comfortable and caring what other people might think. It’s about their family thinking they are FAILURES if they do anything besides just having a JOB.

If you’re working presently, understand that you are only exchanging your time and effort for the pay cheque you receive at the end of the month. That’s okay though but by going to work every day, you are not building residual income which is the pipeline that will enable you to get water supply without having to go to the river.

Why It Pays to Have a Multiple Quote Website

Why it is necessary to get a reliable insurance company in today’s world: there are certain straightforward trademarks of all insurance companies, through which we can distinctly differentiate between them.

Go through the reviews of well-reputed and creditable resources which can assure you that the insurer you are opting for works for your benefit and secured contentment.
Shop around for comparison because there might be companies in market providing premium policies at a dirt-cheap rate, but many a times those companies aren’t legitimate. So, go through policy details and settle for that particular insurer who facilitates all coverage without cutting down the market rate to 50% but at the same time is comparatively cheaper.
Lastly, consider experience as the most important trait of the insurance company. Check their expertise in the field you are concerned about, and if their issue of license has a greater number of years in terms of longevity, then go for it without hesitation.

Categories of coverage: A cobweb of insurance companies is present, offering insurance for multiple categories like:

Insurance for Cars: Two things every car owner should keep in mind while selecting the insurer:

While liability insurance is over-priced, the common policies are quite cheaper in comparison and some other policies are dependent upon the model of your car.
Never allow lapsing of the policy you are paying for.

Insurance for Homes: The most fundamental and common homeowner insurance policies cover at least four of the following criteria:

Coverage that shields your home.
Coverage that protects other liabilities.
Coverage that guards personal properties.
Coverage for the surplus living cost one has to pay in life.
Coverage for undone properties.

Insurance for Health: In this resilient economic condition that we are living in, there is one insurance policy called HDHPs or Catastrophic Health Insurance policy on which every consumer is banking for fortification in emergency situations.

Life Insurance: Points to be noted when investing in life insurance premiums:

Check your financial service aids from which your family can draw.
Write down a rough description of all your long-term financial requirements.

For some companies, there isn’t one particular website for all the information on these categories. Hence, digging through multiple sites and reading along the lines of criteria for multi-categories of policies is tedious and difficult.

So, for all the purposes mentioned above, you need a website which contains concise and updated information on multiple insurance quotes.

The kind of information available on multiple quotes websites: The procedure for proper operation of the websites varies, but the end result remains the same, which includes the following:

They are equipped to present us with the perfect coverage plan according to the basic details about us and our personal requirements.
Easy comparison of multiple insurance quotes so that every doubt is clarified and we choose the optimum and ultimate plan for our own benefits in terms of long term protection.
Based on the range of rates that we have set for us, we get both variety and reliability in the form of information proffered by these websites.

Webinars – A Guide to Creating The Perfect Webinars

With the ever-increasing technology in today’s world, the demand for high speed information is at an all-time high, and along with this, the modes of information delivery are also increasing a lot more. With this increase has come a powerful new medium known as Webinars. The term for a Webinar is a “Web Seminar”, which a live-streamed video conference that can be used for businesses and their employees over long distances, which can also be used for online video interviews and related services. Businesses that use this tool can boost productivity and efficiency, as it can cut down travel time and costs and allow issues and tasks to be solved quickly. In this guide, we will explain exactly what needs to be used to make a webinar work correctly, allowing you to break out into the crowd.

As stated above, a webinar is a tool used for live conferencing. This is not just limited to business meetings, but can also extend to business interviews, school and college interviews, marketing a product and even general Q&A’s. However, using this tool can prove to be difficult for those who have no general idea where to start from, and with little to no experience, things could lead to be sloppy and unappealing for viewers which can lower traffic and interest. In order to make sure the experience is a pleasurable one, you will need to know a number of things that will help you expand your knowledge in the field of webinars. In this entry, we will be focusing on a specific aspect of webinars, which is marketing a product, item, or service to a particular audience or demographic.

As a first, arguably the most important aspect of hosting a Webinar is the equipment being used. It should be obvious, but a lot of people will quickly lose interest if the video quality is poor, as viewers will not want to spend their time trying to figure out what exactly it is they’re looking at, quickly prompting them to be annoyed. The next item that may lead them to be just as disgruntled is the general audio quality. If the audio is choppy and inaudible, it will most likely render them unable to hear the opposing party, causing issues and possibly resulting in miscommunication. These issues can usually be resolved by simply acquiring a faster internet connection, as these can be the result of poor connection between both ends. However, if the issue still persists after this, it is more often than not a result of low-quality equipment, and it may be wise to invest in an external microphone and a High Definition camera.

Next, maintain a connection. When it comes to creating webinars, you are constantly competing for someone’s attention. This is why it’s important to make sure your content is both relevant to what the viewer is looking for, and just as important to make the webinars fun and entertaining as to make sure you keep the potential customer hooked in. On average, a general video viewers attention span only lasts ten minutes in, however with marketing webinars, it is an even smaller window. On average, you have only ten seconds hook in a viewer’s attention and maintain it, as more often than not, if this attention is not held they will simply move on to the next appealing product that is being offered. This first ten seconds is crucial and critical. Start out with a relevant and relate-able joke, as a humorous tone will help draw in a viewer.

Finally, learn to keep it real. As stated in the previous entry, it can pay off to maintain a connection and relate with your viewers. This is to make sure you can hook in as much potential customers as possible. The more viewers there are, the more attention your webinars will draw, in turn, bringing even more viewers and creating an upward spiral of success. A good way to do this is being your webinars by introducing yourself with a real life story that will help our viewers to relate to you. By doing this, it shows that you are also a real and relate-able person, prompting viewers to be even more interested in your offers. You can also use the advantage of analytics as a tool. By inputting real life statistics into your webinars, this shows your viewers that you aren’t simply trying to sell than item, but you are showing them a crowd of other customers that also believe they need this item. This can trigger a response in your viewers that lead them to be even more interested.