Pablo Escobar is without doubt one of the most notorious narco-terrorists of our time. He’s much less effectively often called an entry danger administration skilled. Reality is, mitigating danger was one in all his best achievements!
The next is sponsored content material. It could not replicate the views of our editorial workers.
By Dudley Cartwright, Co-founder and CEO of Soterion
Pablo Escobar is without doubt one of the most notorious narco-terrorists of our time. His identify is synonymous with unlawful medication, brutal murders, and a exceptional expertise for avoiding seize. He’s maybe much less effectively often called an entry danger administration skilled.
However the fact is, mitigating danger was one in all Pablo Escobar’s best achievements. And the way in which he operated gives us with some nice ideas that we will apply to SAP safety and entry danger administration.
Now, I’m under no circumstances glorifying Escobar’s antics, however the reality is that he ran a multi-billion greenback a 12 months business that had many transferring components – all with out the assistance of the type of subtle know-how many people have entry to in the present day. That’s no small feat.
Whereas I’m not suggesting you exit and commit crime, there are some necessary classes you possibly can take from Escobar to assist handle danger, improve SAP safety and enhance entry danger administration in your organisation.
The three strains of defence for SAP safety
Escobar’s best concern was to be caught and extradited to the US. So how is it doable that he was essentially the most needed individual on the planet for a ten–15 12 months interval, everybody knew the town the place he resided, but a few of the strongest authorities companies couldn’t catch him?
The reply is Escobar was good at managing danger. He not solely had a really clear thought what his dangers had been, however he carried out a technique higher than any organisation in the present day to mitigate these dangers.
Escobar appreciated and perfected the three strains of defence. In enterprise or in any other case, you could have three strains of defence on the subject of SAP safety:
- First line: Operational / Enterprise customers
- Second line: Danger / Compliance departments
- Third line: Audit / Assurance departments
Your first line of defence must be your strongest
Escobar carried out an exceptionally efficient first line of defence.
In his metropolis of Medellin, he was nearly untouchable. He realised the significance of getting many eyes and ears on the bottom, so there have been all walks of life that fed him data when there was any danger. From avenue children to grandmothers merchandising meals at avenue corners, the second one thing seemed suspicious, Escobar was knowledgeable.
If a Westerner arrived at Medellin Airport, it was assumed he was a DEA agent and they’d be adopted and monitored. When the Columbian military made their transfer on Escobar, a avenue vendor observed many military vehicles leaving the barracks and thought that would solely be for one purpose – and subsequently alerted Escobar.
It may very well be argued that Escobar’s second line of defence was bribing the police and the military. His third line of defence was probably his military of assassins. Nevertheless, it was Escobar’s first line of defence that was his only in that it acquired him out of hassle essentially the most usually.
For organisations, that is additionally true: Your first line of defence ought to at all times be your strongest.
An organisation’s first line of defence are often the staff (tremendous / key customers) which have been within the organisation for 15 – 20 years. They perceive their space of the enterprise and enterprise processes higher than anybody else.
Sadly, in most organisations that is sometimes the weakest line of defence. That’s not as a result of these staff don’t know the dangers of their space, it’s as a result of the organisation has not carried out the proper processes and options to empower these customers to take part within the danger administration actions.
Empower your first line of defence with business-centric options
If in case you have staff who’ve been along with your organisation both for a few years and/or have an in-depth data of their space of the enterprise in addition to a transparent understanding of the dangers – you might be in a great place.
However simply having these folks out there just isn’t sufficient.
It’s worthwhile to empower them with the correct options and processes to handle entry danger and strengthen SAP safety.
All too usually organisations find yourself implementing complicated options which might be too technical for the enterprise customers, which consequence within the options being under-utilised or redundant. At finest, these technical options find yourself getting used as ‘back-end’ options by the IT or technical crew.
When this occurs, you lose your first line of defence.
Be extra like Escobar (minus the medication and deaths)
Escobar carried out a system and course of the place folks on the bottom may successfully act as the primary line of defence. These first liners had been educated on what was deemed a danger for Escobar. When figuring out a danger, there was a transparent course of wherein the primary liners may use to feed this data by way of to the related folks within the organisation. Escobar empowered his first liners to boost the alarm in the event that they observed something that posed a danger.
Whilst you could not have the weapons that Escobar had, you do have a strong weapon in danger administration at your disposal – loyal and skilled operational and enterprise customers.
By enhancing enterprise buy-in and bettering your first line of defence, your organisation will turn into extra danger conscious and can be capable of determine and reply extra quickly to safety threats.
To provide your organisation the most effective probability of preventing danger, that you must equip your customers with the correct weapons – and one in all your finest weapons in the present day is a business-friendly GRC solution. By giving your folks instruments that they not solely perceive however are additionally not afraid to make use of, you empower them to successfully handle your organisation’s danger.
About Soterion
Soterion is a global main supplier of governance, danger and compliance options for organisations operating SAP. Soterion’s user-friendly GRC options present in-depth entry danger reporting to permit organisations to successfully handle their entry danger publicity. Soterion is enthusiastic about simplifying the governance, danger and compliance processes, with a deal with translating this complexity right into a business-friendly language to reinforce higher resolution making and enterprise accountability.
In regards to the Writer
Dudley Cartwright is co-founder and CEO of Soterion. With effectively over a decade of SAP Authorisation expertise, Dudley’s robust technical understanding mixed together with his sharp enterprise data has allowed him to implement safety options of the best high quality for corporations all all over the world. Dudley has a ardour for implementing “fit-for-purpose” value-added options – a philosophy that has turn into the cornerstone of Soterion’s mission.