Risk Management Framework: OODA Loop and ISO 31000

An article in the Harvard Business Review titled “Managing Unpredictable Risks: What to Do When There Are No Precedents” by Robert S. Kaplan, Herman B. “Dutch” Leonard, and Anette Mikes addresses emerging risks and some techniques for responding to them in ways that can help mitigate their impact. Organizations handle common operational risks, but standard policies fail when confronted with unforeseen or complex events. New risks arise from unexpected combinations or large-scale events. Relying on routine management practices can create a false sense of security, while real risks grow. A Risk Management team must act swiftly, making adaptable decisions with awareness of uncertainty, as not all actions will be successful.

Among the techniques mentioned is the OODA loop, originally developed for military purposes, which has proven to be an extremely versatile tool, also applicable to the business world, particularly in the context of risk management. The OODA loop, an acronym for Observe, Orient, Decide, Act, provides a structured framework for dealing with dynamic and complex situations, such as those typical of corporate risk management. Here’s how each phase integrates into this process:

OBSERVE
The first step involves information gathering, which consists of identifying and continuously monitoring potential internal and external risks to the company, followed by data analysis, using analytical tools and techniques to understand the nature, probability, and potential impact of each risk. Constant monitoring of the environment is essential to quickly detect changes in the competitive, regulatory, and technological landscape that may influence the risk profile.

ORIENT
The initial classification of risks based on their severity and priority allows for an accurate risk assessment and the definition of risk tolerance, which is the level of risk acceptable for the organization. The final step is linking the risks to strategic objectives and understanding how these risks may affect the company’s ability to achieve its goals.

DECIDE
Developing a response plan is the first decision-making phase; it outlines the actions to mitigate, transfer, or accept the identified risks. This phase is necessary but not sufficient on its own: responsibility for implementing and monitoring the response plans must also be assigned, and the resources needed to carry out the risk management measures must be allocated.

ACT
This phase involves the implementation of mitigation measures, executing the actions designed to reduce the risk impact, monitoring their effectiveness, making adjustments as needed, and communicating with all stakeholders about the risks and the actions taken.

The advantages of using the OODA loop in Risk Management include a faster response to changes and new threats, a focus on the most critical areas, support for data-driven and analytical decision-making, and continuous improvement, thanks to the iterative approach to risk management.

In conclusion, the OODA loop provides a robust and flexible framework for managing complex business risks. By applying this cycle, organizations can enhance their ability to identify, assess, and mitigate risks, thus increasing their resilience and capacity to achieve their objectives.

Let’s now consider an example of Risk Management applied to the complexity and dynamism of the modern Supply Chain, evaluating risks related to suppliers, developing business continuity plans, and monitoring supplier performance.

For instance, a health crisis requires observing the evolving situation, orienting towards potential supply chain disruptions, deciding to diversify suppliers, and implementing employee safety measures. Similarly, the introduction of a new product might involve monitoring customer demand, assessing potential production and distribution difficulties, deciding to invest in new production capacities, and executing a market launch plan.

OBSERVE

  • Monitoring suppliers, continuously assessing their performance, identifying potential risks (such as production disruptions, delivery delays, quality issues), and tracking their key performance indicators (KPIs);
  • Analyzing market data, such as monitoring demand trends, market trends, raw material prices, and exchange rate fluctuations;
  • Detecting unforeseen external events like natural disasters, geopolitical conflicts, regulatory changes, and health crises that can impact the supply chain.

ORIENT

  • Assessing the potential impact of each identified risk on the supply chain, considering the likelihood of occurrence and economic consequences;
  • Defining future scenarios to simulate different risk combinations and assess the resilience of the supply chain;
  • Aligning with strategic objectives, evaluating how risks may influence the company’s goals, such as cost reduction, customer service improvement, and profitability increase.

DECIDE

  • Developing continuity plans to ensure operational continuity in case of supply chain disruption, identifying alternative suppliers, transportation routes, and emergency procedures;
  • Defining service levels expected by customers and the actions necessary to ensure satisfaction even in uncertain conditions;
  • Allocating the resources needed to implement risk response plans, such as investing in supply chain traceability technologies.

ACT

  • Implementing concrete mitigation measures to reduce the risk impact, such as diversifying suppliers, creating safety stocks, and setting up early warning systems;
  • Continuously monitoring the effectiveness of the adopted measures and updating response plans based on results;
  • Communicating transparently and promptly with customers, suppliers, and other stakeholders about potential risks and actions taken.

Finally, the OODA loop can be integrated with other risk management frameworks, such as ISO 31000, to provide a more comprehensive and robust approach to threat mitigation. When the frameworks are integrated, the OODA loop can be used for rapid risk assessment, while ISO 31000 offers a structured and documented risk management policy.

For Risk Management support for your organization, contact us at info@kriptia.com.
