The best articles from around the web and R&I, handpicked by R&I editors.
Workers' Comp news and insights as well as columns and features from R&I.
Update on new scenarios as well as upcoming Risk Scenarios Live! events.

Global Risk

Quantifying Supply Chain Risks

Norway ranked first, while the Dominican Republic was worst at providing favorable supply chain factors.
By: | July 15, 2014 • 2 min read

Would it surprise you to learn that of 130 countries worldwide, the most favorable location for supply-chain exposures is Norway?

The Scandinavian country might not be a risk specialist’s first guess about supply chain conditions throughout the world, but that is indeed the case, said Steve Zenofsky, FM Global assistant vice president and spokesperson.

Coming in behind Norway in terms of affording favorable supply-chain factors were Switzerland and Canada. Most challenging areas for risk managers? Kyrgyzstan, Venezuela and the Dominican Republic.

The rankings are according to FM Global’s new, free online Global Resilience Index, which assesses conditions in 130 nations, and analyzes such factors as corruption, political risk, local infrastructure, risk of natural hazards, availability and price of oil, and quality of local suppliers.

George Haitsch, executive vice president and practice leader of Willis Global Solutions, said the Index is unique in offering free access to a tool that addresses factors specifically related to supply chain risk hazards.


For its part, he said, Willis offers clients an online tool called Atlas, which allows them to track natural catastrophes worldwide in real time.

“That’s the technology we have been working on,” said Haitsch, noting that natural-disaster risk and supply-chain risk have become increasingly intertwined.

Torolf Hamm, executive director in Willis’ catastrophe risk management practice, said in a blog post earlier this year that businesses are “increasingly keen to identify which key parts of the supply chain could be affected by the same natural hazard event and what risk mitigation options are available to reduce this exposure.”

Eric Jones, assistant vice president for Business Risk Consulting at FM Global, said the “real power with this tool is getting our clients to start thinking about the risks in their supply chain from a physical risk standpoint.”

“Using the index, risk specialists can get the attention of the C-suite and increase their organizational commitment from a time and resource standpoint,” he said.

The Index is designed to permit users to search for “core resilience drivers” impacting supply-chain risks, to learn which countries have the highest and lowest scores.

In drilling down for political risk climate, Switzerland, Finland, and New Zealand, for example, ranked highest.

For natural-hazard risk management, Ireland, Portugal and Singapore ranked highest, while Costa Rica, Israel, and the United States ranked highest for fire risk management.

The tool also displays a color-coded map showing which parts of the world are most and least risky in terms of supply chain factors from 2011 through 2014.

Janet Aschkenasy is a freelance financial writer based in New York. She can be reached at
Share this article:

World Cup

The Goal is Safety

Crisis planning and continual communication are essential to keeping employees safe.
By: | June 16, 2014 • 3 min read

Millions of spectators, workers, security personnel and media are either on the way or already in some of Brazil’s host cities for the 2014 World Cup.

Arguably the world’s most popular sporting event, preparing for the World Cup was no cheap feat.


Brazil spent upwards of $11 billion, mostly from state and federal budgets, on stadiums, infrastructure improvements and security. Bloomberg estimated the final tab could reach about $14.5 billion.

The sheer amount of resources devoted to this global event sparked protests by Brazilians angered by the amount of money that was spent on Cup preparations while many public services – transportation, in particular — remain substandard.

While threats of violence have largely been negligible thus far, companies doing business in Brazil during World Cup fervor should be ready for the risks involved.

“The primary threat to foreign travelers is crime, ranging from petty theft, mugging, burglary and car theft to life-threatening crimes such as kidnapping, rape and murder,” said Dominick Zenzola, vice president and employee benefit manager of Chubb Accident & Health. “Travelers should avoid all forms of demonstrations for their own personal safety.”

Companies that have workers in Brazil or know that some will be travelling there for the tournament should assess the risks and do some planning.

Prepare a Plan

“Hire professionals to analyze the risks to property and human life,” said John Rose, COO of iJET International, a provider of risk management solutions for the travel industry.

Because many crimes against travelers occur near hotels, companies should ensure that hotel security audits are performed and suitable facilities are identified before travelers arrive, according to Zenzola.

Planning should also include pinpointing emergency or medical resources such as police stations and hospitals, as well as mapping out evacuation plans.

Those plans include “knowing where your people are at all times and where they’re going,” Rose said, as well as who will be in place to help them get out if the need arises.

He added that, in order for plans to be meaningful and actionable, they must take the local context into consideration, including cultural and social differences and varying safety environments.

In Rio de Janeiro, for example, “drivers are allowed to treat stop lights as stop signs between the hours of 10 p.m. and 6 a.m. to protect themselves against theft at intersections,” Zenzola said. Knowing a small detail like that could mean the difference between a safe ride home and becoming a victim.

Communication and Awareness

A lack of communication, however, can render even the most detailed plan worthless.

“Clear communication between employer and employee is a crucial first step,” Zenzola said. Employers should make sure their workers know what resources are available to ensure their safety and what to do in the event of a crisis, which means educating them on the company business travel accident policy.

Business travel accident insurance generally aligns with workers’ compensation, general liability and broader kidnap and ransom policies to help ensure total protection in the event of accident or injury.

“If a company goes without insurance protection, the potential liability could result in lawsuits, high fines, and damage its brand reputation,” Zenzola said.

On the flip side, employees should communicate clearly their travel plans and keep employers informed of any itinerary changes.


Travelers should also keep in mind basic personal safety precautions, such as keeping purses and wallets secure in public, declining drinks from strangers at a bar, and only using taxis called by the hotel or a reputable dispatch service.

Zenzola also advised checking the U.S. State Department website for recent travel warnings and other travel advisory resources for country risk ratings before setting off.

Proceed with Caution

Brazil currently bears a low to moderate security risk rating overall, according to several travel services companies like International SOS and IHS Country Risk. Major tourist cities like Rio de Janeiro and Sao Paulo, however, are ranked as more dangerous due to increasing levels of violent street crime.

As the tournament continues through June and July, the final word remains that business travelers should have no problems navigating Brazil … as long as they stay vigilant and informed.

The key is “preparation, preparation, preparation,” Rose said. “Who’s executing your response when things go sideways?”

Katie Siegel is a staff writer at Risk & Insurance®. She can be reached at
Share this article:

Sponsored Content by ACE Group

5 & 5: Rewards and Risks of Cloud Computing

As cloud computing threats loom, it's important to understand the benefits and risks.
By: | June 2, 2014 • 4 min read

Cloud computing lowers costs, increases capacity and provides security that companies would be hard-pressed to deliver on their own. Utilizing the cloud allows companies to “rent” hardware and software as a service and store data on a series of servers with unlimited availability and space. But the risks loom large, such as unforgiving contracts, hidden fees and sophisticated criminal attacks.

ACE’s recently published whitepaper, “Cloud Computing: Is Your Company Weighing Both Benefits and Risks?”, focuses on educating risk managers about the risks and rewards of this ever-evolving technology. Key issues raised in the paper include:

5 benefits of cloud computing

1. Lower infrastructure costs
The days of investing in standalone servers are over. For far less investment, a company can store data in the cloud with much greater capacity. Cloud technology reduces or eliminates management costs associated with IT personnel, data storage and real estate. Cloud providers can also absorb the expenses of software upgrades, hardware upgrades and the replacement of obsolete network and security devices.

2. Capacity when you need it … not when you don’t
Cloud computing enables businesses to ramp up their capacity during peak times, then ramp back down during the year, rather than wastefully buying capacity they don’t need. Take the retail sector, for example. During the holiday season, online traffic increases substantially as consumers shop for gifts. Now, companies in the retail sector can pay for the capacity they need only when they need it.


3. Security and speed increase
Cloud providers invest big dollars in securing data with the latest technology — striving for cutting-edge speed and security. In fact, they provide redundancy data that’s replicated and encrypted so it can be delivered quickly and securely. Companies that utilize the cloud would find it difficult to get such results on their own.

4. Anything, anytime, anywhere
With cloud technology, companies can access data from anywhere, at any time. Take Dropbox for example. Its popularity has grown because people want to share large files that exceed the capacity of their email inboxes. Now it’s expanded the way we share data. As time goes on, other cloud companies will surely be looking to improve upon that technology.

5. Regulatory compliance comes more easily
The data security and technology that regulators require typically come standard from cloud providers. They routinely test their networks and systems. They provide data backups and power redundancy. Some even overtly assist customers with regulatory compliance such as the Health Insurance Portability and Accountability Act (HIPAA) or Payment Card Industry Data Security Standard (PCI DSS).

SponsoredContent_ACE5 risks of cloud computing

1. Cloud contracts are unforgiving
Typically, risk managers and legal departments create contracts that mitigate losses caused by service providers. But cloud providers decline such stringent contracts, saying they hinder their ability to keep prices down. Instead, cloud contracts don’t include traditional indemnification or limitations of liability, particularly pertaining to privacy and data security. If a cloud provider suffers a data breach of customer information or sustains a network outage, risk managers are less likely to have the same contractual protection they are accustomed to seeing from traditional service providers.

2. Control is lost
In the cloud, companies are often forced to give up control of data and network availability. This can make staying compliant with regulations a challenge. For example cloud providers use data warehouses located in multiple jurisdictions, often transferring data across servers globally. While a company would be compliant in one location, it could be non-compliant when that data is transferred to a different location — and worst of all, the company may have no idea that it even happened.

3. High-level security threats loom
Higher levels of security attract sophisticated hackers. While a data thief may not be interested in your company’s information by itself, a large collection of data is a prime target. Advanced Persistent Threat (APT) attacks by highly skilled criminals continue to increase — putting your data at increased risk.


4. Hidden costs can hurt
Nobody can dispute the up-front cost savings provided by the cloud. But moving from one cloud to another can be expensive. Plus, one cloud is often not enough because of congestion and outages. More cloud providers equals more cost. Also, regulatory compliance again becomes a challenge since you can never outsource the risk to a third party. That leaves the burden of conducting vendor due diligence in a company’s hands.

5. Data security is actually your responsibility
Yes, security in the cloud is often more sophisticated than what a company can provide on its own. However, many organizations fail to realize that it’s their responsibility to secure their data before sending it to the cloud. In fact, cloud providers often won’t ensure the security of the data in their clouds and, legally, most jurisdictions hold the data owner accountable for security.

The takeaway

Risk managers can’t just take cloud computing at face value. Yes, it’s a great alternative for cost, speed and security, but hidden fees and unexpected threats can make utilization much riskier than anticipated.

Managing the risks requires a deeper understanding of the technology, careful due diligence and constant vigilance — and ACE can help guide an organization through the process.

To learn more about how to manage cloud risks, read the ACE whitepaper: Cloud Computing: Is Your Company Weighing Both Benefits and Risks?

This article was produced by ACE Group and not the Risk & Insurance® editorial team.

With operations in 54 countries, ACE Group is one of the largest multiline property and casualty insurance companies in the world.
Share this article: