https://pmclass.s3.amazonaws.com/Qi+Gong+-+Main+Video.mp4
There seem to be a lot of sightings of “Black Swans” lately. Should we be concerned or are we wishfully thinking, caught up in media hype; or are we misinterpreting what a “Black Swan” event really is? The term “Black Swan” has become a popular buzzword for many; including, contingency planners, risk managers and consultants. However, are there really that many occurrences that qualify to meet the requirement of being termed a “Black Swan” or are we just caught up in the popularity of the moment? Continue reading
This risk story involves a major subcontract that went awry impacting the program and one of my company’s growth goals. The goal was to become the sole provider to the Navy for a mine killing system comprising two major components. One is an underwater kill vehicle and the second one is a launcher (from a helicopter).
To accomplish this goal, we landed a contract with the Navy to design, build and perform tests of a small quantity of units (called first article units). If the tests were successful, then the Navy would establish my company as the sole supplier of this mine killing system. The foreign subcontractor selected had a kill vehicle under development.
As part of the Navy contract and as a subcontractor to us, they would complete development of the kill vehicle, manufacture the first article units and perform tests. We would design the launcher and the subcontractor would manufacture the it to our design. My company, as the lead, would conduct system tests for the Navy with the subcontractor in support. This was my company’s plan to become the sole supplier of the mine killing system to the Navy. Nice plan but bad decisions were made by management leading to a missed opportunity for the company as discussed below.
Background
Management established a win strategy to become the sole provider to the Navy for a new mine killing system. They decided to give a major subcontract to a foreign company that was in the process of developing a small light weight underwater mine killing vehicle. This foreign company could not sell directly to the Navy and needed my company to do so. Their strategy was to work with my company to sell their kill vehicle to the Navy. So, it was a win-win situation for both companies.
The subcontractor scope comprised: complete development of the kill vehicle; build 2 first article units and perform testing on them; manufacture the launcher to our design and support system qualification tests for the Navy. Our scope included: design the launcher; write the system test procedures; conduct the system acceptance tests for the Navy; and provide the program management effort for the program.
During negotiations of the contract, the subcontractor insisted on using their own funds to perform the development of the kill vehicle because they planned to apply it to other markets beyond the DOD (department of defense). My company accepted this arrangement which proved to be poor judgment on their part as it became painfully apparent as the project progressed. Per the contract, the subcontractor controlled the design requirements and schedule for the kill vehicle which would turn out to adversely impact our contract schedule with the Navy.
Early in the program, and in accordance with the terms and conditions of the contract, the subcontractor put in a claim against my company which delayed the program until it was resolved. The basis of the claim was withheld progress payments that my company felt were justified because of the inability of the subcontractor to maintain their schedule. After several months of delay, the claim was settled and progress on the project started moving forward.
First Bad Decision
During the long and intense negotiations for the claim resolution, both sides agreed to put the subcontractor schedule on the back burner and come back to it later. As a result, the schedule was not defined as part of the claim resolution. The program re-started and the subcontractor established a new schedule they could commit to. The problem was, they continued to miss their own schedule each month creating a serious schedule issue with our contract with the Navy. Very quickly management recognized the problem and insisted the subcontract recover their schedule and make it part of the subcontract. The subcontractor insisted 2 additional months be added to their schedule before they would accept a contract change. Finally, my company agreed and 2 months were added to their contract. We ended up updating our contract with the Navy to include the schedule growth after a very painful negotiation. Since our contract with the Navy was firm fixed price, my company incurred significant cost growth (loss).
Second Bad Decision
Basing the success on our contract with the Navy on a subcontractor controlled design for the killer vehicle (the most important component of the system) was a big mistake. Unknown to us initially, the subcontractor was redesigning part of their vehicle to include new requirements for their other customers resulting in delays to our schedule which in turn were reflected in our schedule with the Navy. Once this situation became apparent to us, upper management came down on the subcontractor like a ton of bricks but to no avail since they were protected by the subcontract. Our only recourse was to micro-manage their schedule which we did to moderate success. Eventually, the development of the vehicle was completed and past al of their tests.
Third Bad Decision
During the course of the contract, my company reached out to the subcontractor for a teaming agreement. This was before the critical Navy qualification tests were performed. At this point, the subcontractor upper management told our upper management they wanted a teaming agreement and were excited about the prospects of finally selling their product to the US Navy. However, the president of the business unit in our company did not want to risk a teaming agreement because he felt they may fail the Navy qualification tests. He decided to wait until the tests were completed. Several members on his staff tried to get him to change his decision but failed. The subcontractor passed the Navy qualification tests. The Navy established their kill vehicle as sole source for the Navy’s air and sea platforms. The subcontractor designed and manufactured their own launcher. My company was completely left out. In hindsight, it should have been apparent to the president of our business unit that we had zero leverage with zero subcontractor once they passed the qualification tests.
Lesson Learned
Risk Analysis
It seems obvious that a risk analysis was not done in this case. What would have been the risks?
This is the time of year when millions of kids are told if they’re getting into their college or university of choice. It’s a time of huge stress for kids and their parents.
The kids think that their life’s arc is going to be facilitated by a name university. The parents are anxious to see if their 18 years of mentoring and parenting have pointed their kid in the right direction for life and work. And, oh by the way: who’s going to pay for the educational launch pad (i.e. college)?
So, the kid goes to the college or university of choice. That’s great. Hopefully, your kid gets a marketable degree and becomes most importantly employable.
End of problems? End of parenting. Unfortunately, no.
According to the survey below, most college graduates today are not ready for life or work. And, that’s a huge problem.
Employers now expect today’s graduates to:
· Have a professional work ethic.
· Be able to communicate well.
· Think critically
· Manage their career.
Today’s graduates think they do all these things already pretty well. But …
The Problem: Employers think much differently. Today’s employers think most of today’s college graduates do the most important work things abysmally.
Take a look at the recent numbers below of how graduates think and how employer’s think. Huge differences.
Lots!
At a basic level, there is a huge gap between what employers want and today’s graduates think they do. This really impacts their employability and market value.
At a deeper level, it challenges the value of college and even an education. From the graduate’s point of view will the 4-years of education improve employability or maturity? From a parent’s point of view or the person who co-signs the college loan, will they be indentured for life.
By the way, our daughter decided to get an online mechanical engineering degree from University of Alabama and learn AI/Machine Learning/Robotics online.
Hopefully, these all point to getting a job and being self sustaining.
This two-part article focuses on risk management of facilities and equipment. It describes how a risk-based approach to facilities and equipment management fits into an integrated, effective quality systems structure. The principles discussed are equally applicable to all quality systems. Facilities and equipment represent a broad range of risk to product quality and are one of the key quality systems commonly identified in the pharmaceutical manufacturing industry. Continue reading
Periodic News, Announcements, and Information about Risk
As we cruise through post-recession there is one big concern on employer’s minds: retention.
Big companies and small companies are starting to see how the market has turned. Statistically, Monster job boards reported that 82% of surveyed employees have updated their resumes this year and 59% said they are passively looking for another role.
While compensation is always a factor in retention, it isn’t the end all. Most of the people I interview are looking for career advancement and flexible work hours. Sometimes it’s just not practical to throw more money at employees and often that isn’t what’s bugging them anyway.
Some job seekers want more of a challenge and think they are topped out in their current role. Some start looking aggressively if they aren’t connecting with their manager. People leave jobs for a variety of reasons.
Here’s what you can do to make them want to stay:
1. Get rid of hidden agendas
There is nothing more refreshing than a boss that gives a directive and tells you why. Employees want to understand how their job fit into the bigger picture or they lose motivation.
2. Formal Mentoring Programs
Many women in today’s workforce long to get into leadership, but need a solid mentor to help them navigate. Junior level employees benefit from having an on staff mentor to show them the ropes. Cost effective, mentors bring maximum ROI to organizations While I know that this sounds like one more thing on the to-do list, it’s worth the effort.
3. Map Career Path
Many companies say they are growing, but they don’t promote from within. Before taking any new job ask, “When was the last time you promoted someone from within?” Pay attention to the level of position and how often a company promotes. If you want to retain, don’t have your employees guessing what the next step is because it’s likely they will find the next role someplace that recognizes their talent and scoops them up
4. Internal Recognition
As cheesy as this sounds, there is nothing like the top executives in an organization sending an email to a well-deserved employee in regards to their performance. It allows the person to know their job matters and that what they do each day really does matter.
Curious about how to calculate retention rates in your company and see where you are at? Check out this link https://answers.yahoo.com/question/index?qid=20070723120306AAFz76x
Bio:
Elizabeth Lions Author, “Recession Proof Yourself!” and ”I Quit! Working For You Isn’t Working For Me” www.elizabethlions.com 806 283 8811
Dear friends we live in depressing times. Our media is full of failing and failed organisations. From the Financial crises to the BBC, from the IRS or the Veterans Health Administration to the UK Houses of Parliament, all around us is the evidence that our systems and safeguards are failing to protect the stakeholders from the slings and arrows of outrageous management, and an ever more demanding and volatile environment. Clearly, modern life has an enormous dependence on the integrity of human systems. Continue reading
Q+E proposes to develop a 5-day CERM Cyber Risk (CERM – CR) Workshop focused on the NIST RMF and NIST 800 guidelines. The workshop will be available for students and graduate students and also for continuing education for IT, engineering, and security professionals. It will be deliverable first in classroom training and then online. It will be based on Q+E’s existing CERM course materials. CERM – CR will utilize NIST RMF and NIST 800’s. Q+E will customize the workshop with recent CIP examples, case studies, and illustrations. Q+E also will introduce Critical Security Controls, ISACA COBIT 5, ISO 27001, ISA/IEC 62443 (ISA-99), and other cyber risk frameworks.
Certified Enterprise Risk Manager – Cyber Risk Components (CERM – CR)
CERM – CR is composed of three key elements:
CERM – CR will provide a foundation in cybersecurity risk management and will consist of three integrated workshops: 1. Cyber Enterprise Risk Management (see page 6), Cyber Risk Management Frameworks (see page 7), and 3. Cyber Risk Assurance (see page 8). The Cyber ERM component will look at cybersecurity in the context of the enterprise and how to integrate cyber risk into the enterprise risk management program and provide a solid foundation in cyber governance, risk management principles, and cyber compliance/assurance. The Cyber RMF component will focus on the NIST RMF and how to apply its Core Functions-Identify, Protect, Detect, Respond, Recover, and the Categories and Subcategories to organize and structure a cybersecurity program using Profiles and Tiers. The Cyber Risk Assurance component will focus on practices for ensuring compliance and assuring cybersecurity controls are effective at the enterprise, programmatic/process, and system levels.
Q+E has cybersecurity experience in five Critical Infrastructure Protection (CIP) sectors. CERM – CR will offer CIP cyber security risk mitigation examples and case studies from chemical sector (CFATS), electric (NERC CIP), and other CIP sectors.
CERM – CYBER RISK LIFECYCLE LEARNING MODEL
The purpose of CERM – CR is to certificate professionals in cybersecurity risk management problem-solving and risk-based decision-making founded upon the CERM Cyber Lifecycle Learning Model shown in the figure below. The model has three :
1. CERM – CR certificate; 2. CERM – CR webinars; and 3. CERM – CR resources.
CERM – CR CERTIFICATE EXAM
At the conclusion of the integrated CERM – CR workshops, participants can apply to take a certificate exam and receive the CERM – CR certificate. CERM – CR will have a 3 hour certificate exam of 100 questions covering the three integrated cyber workshops below:
CERM Cyber Risk Integrated Workshops |
Percentage of Test Items |
Cyber Enterprise Risk Management |
20% |
Cyber Risk Assurance |
40% |
Cyber Risk Management Framework |
40% |
CERM – CR will eventually migrate to three certificate levels as well as sub-certificates addressing specific NIST 800 guidelines such as encryption (800 – 21) and industrial control systems (800 – 82). The CERM – CR certificate levels would indicate:
Value Added Auditing is a Q+E process and risk based manual for conducting operational, IT, cyber, and supply management assessments. The objective of the manual is to enhance 1. Risk-based problem solving and 2. Risk-based decision making. Value Added Auditing can be used as a ‘how to’ primer or reference for the following assessments:
Value Added Auditing is the primary text for the Risk Assurance element of the Certified Enterprise Risk Manager® certificate program. Visit www.CERMAcademy.com.
US Department of Homeland Security (DHS) certified Value Added Auditing as a ‘Qualified Anti-Terrorist Technology’ under the Safety Act as a critical elements of Critical Infrastructure Protection: Forensics, Assurance, Analytics®.