Communities of occasional users can provide meaningful information and act far faster when the right system is put in place. These communities are made up of the knowledge experts and are the operational specialists. These are the trusted vendors that are part of your extended organization.
The occasional users will thrive when you provide a personalized experience that only gives them what they need. The result will be subject matter experts and frontline workers contributing key information directly that allows you to fully understand the organization and manage effectively.
But for a community to be trusted, the information pathway must be secure. And of course, information must be easy to contribute and retrieve to encourage broad groups to contribute easily without any friction. Automation must drive action to keep a diverse community operating as a unit.
The whole system must seamlessly connect your communities to the information foundation you are building. By integrating information directly, you can reduce effort and errors in translating or reentering data. This also allows you to trigger immediate responses automatically to mitigate risk and drive action with ease, as no time is lost with information immediately available in your core system.
With the right technology at the center, risk managers, business continuity managers, and IT managers are reaping the benefits of extending access to key information to various communities that contribute and share information to better manage risk in a completely secure way. And by building on the central information foundation, each community can interact across communities when it makes sense.
Communities that are important to a risk manager can come in many forms, and constituents may be part of multiple communities at once:
A large banking customer has defined a community encompassing their vast IT organization as occasional users of the risk system targeted at participating in full-day IT recovery exercises. The community can contribute to plan building and submit issues or improvement suggestions and can even be assigned follow-up work so improvements are tracked and completed.
Another consumer financial services company has defined a community around policy adherence, allowing two-way communications through a simple application when policy managers need to communicate about specific findings. Data flows directly to the core risk system to trigger workflows and impact metrics.
A major retailer has established a vendor community as part of their third-party management program where vendors respond directly to security assessments and then stay engaged once they are approved. Engagement beyond the initial assessment includes receiving and electronic sign-off requests on adherence to changing policies, participation in business continuity exercises, and getting called to action during an incident to keep the companies operating successfully together. Because everything is integrated, important changes can be alerted to exactly who needs to know virtually immediately.
Establishing these communities meant configuring a portal to access controlled pieces of the risk system directly and integrating selected capabilities and building blocks to fit each group’s needs. Having the right system makes the process easy and creates an engaging experience so users contribute and receive information easily. The result for the risk manager is much greater insight and the ability to impact outcomes with more complete information. The alternative is going backwards and ignoring the importance and power of engaging communities directly.
Ready to learn more about how to engage your communities? Check out our Community Connector.