Background

The Organization for Security and Co-operation in Europe (OSCE) is an international non-profit organization with its Secretariat in Vienna, Austria; detailed information about the work of the OSCE and its presence is available at www.osce.org

Risk Management at the OSCE

The Department of Management and Finance (DMF) provides services in the area of finance, budget, information and communication technology, procurement and assets management, as well as in maintaining the system of internal control and a supporting risk-based approach to management decision-making that facilitates achieving OSCE´s objectives. This is achieved through proactive identification, evaluation and control of major, security and operational risks across the OSCE.

In 2008, the OSCE implemented a web-based Enterprise Risk Management software that supports the collection of risks across the OSCE and reporting on them.

At present, the OSCE is satisfied with the current software solution but interested to learn about alternative products, their technical capabilities, and related pricing information.

Requirements

In view of the above, the OSCE is interested to receive feedback from the market on the following requirements:

1. Product name;
2. Service options - cloud based vs. on premises;
3. Functional capabilities including:
• Multiple browser;
• Enable the OSCE to manage risk in a structured way and assist with embedding the ownership, management, review and reporting of risks to stakeholders;
• Provide full mapping of risks, controls, ownership, risk status, control status;
• Access real-time interactive dashboards and reporting tools allowing to get to the data that is needed promptly for further analysis and/or decision-making;
• Customize reports and their format;
• Customize naming of the fields to be consistent with the OSCE naming convention;
• Operate two sets of naming for the fields to allow for differing terminology for security and operational risks;
• Create drop-down lists with standardized sets of risks and controls;
• Register cross-cutting risks;
• Possibility to include audit recommendations, tracking, compliance and other business functions.  Possibility to cross-link the data (e.g. audit recommendations to the new controls proposed).
4. Technical requirements;
5. Data migration from existing platform to a new solution;
4. Availability of technical support function and related cost. If initial support is provided for free, please specify the timeframe;
5. Possibility of data exchange (integration) with Oracle ERP;
6. Demo access;
7. Success stories (e.g., implementation and usage in the international organizations and agencies e.g., UN, World Bank, etc.;
8. Pricing and licensing information.

The feedback on the above requirements is required by the OSCE to evaluate the quality of current system and support the decision making process toward new system.

Request for Information procedure

Interested Vendors wishing to participate in the pre-qualification process are requested to submit relevant pre-qualification documentation by email to Yury Golovkov at yury.golovkov@osce.org by 28 August 2016 22:00HRS CET.

All responses will be rated against the mandatory requirements and pre-qualification criteria. At the end of the evaluation process, Vendor will be notified where its response rated as acceptable or not.

OSCE Disclaimer

The OSCE reserves the right to accept or reject any pre-qualification documentation, and to annul or to suspend the pre-qualification and subsequent tender process and reject all solicitations at any time and without reason prior to the date of Contract Award, without thereby incurring any liability or responsibility to affected participants of this pre-qualification or tender process.

END.

Related Stories

• Request for Information (RFI): Enterprise Risk Management Software

Nitesh Khullar said Our ML/AI models can analyze vast amounts of alternative data, from social media activity to transaction histories, providing a more complete view of an applicant's financial health

Michelle L. Ross Completes the Risk Management, Insurance Planning and Employee Benefits Course.

This paper aims to analyse the effectiveness of cost control oriented enterprise financial risk management. Firstly, it analyses the importance of enterprise financial risk management. Secondly, the position of cost control in enterprise financial risk management was analysed. Cost control can be used to reduce the operating costs of enterprises, improve their profitability, and thus reduce the financial risks they face. Finally, a corporate financial risk management strategy is constructed from several aspects: establishing a sound risk management system, predicting and responding to various risks, optimising fund operation management, strengthening internal control, and enhancing employee risk awareness. The results show that after applying the proposed management strategy, the enterprise performs well in cost control oriented enterprise financial risk management, with a cost accounting accuracy of 95% and an audit system completeness of 90%. It can also help the enterprise develop emergency plans and provide comprehensive risk management strategy coverage.

This research investigates the correlation between risk management and supply chain performance (SCP) along with moderation of AI-embedded technologies such as big data analytics, Internet of Things (IoT), virtual reality, and blockchain technologies. To calculate the results, this study utilised 644 questionnaires through the structural equation modelling (SEM) method. It is revealed using SmartPls that financial risk management (FRM) is positively linked with SCP. Second, it was observed that AI significantly moderates the connection between FRM and SCP. In addition, the study presents certain insights into supply chain and AI-enabled technologies and how these capabilities can beneficially advance SCP. Besides, certain implications, both managerial and theoretical are described for the supply chain managers along with limitations for future scholars of the world.

Aim/Purpose: Board of Directors seek to use their big data as a competitive advantage. Still, scholars note the complexities of corporate governance in practice related to information security risk management (ISRM) effectiveness. Background: While the interest in ISRM and its relationship to organizational success has grown, the scholarly literature is unclear about the effects of Chief Technology Officers (CTOs) leadership styles, the alignment of the governance of big data, and ISRM effectiveness in organizations in the West-ern United States. Methodology: The research method selected for this study was a quantitative, correlational research design. Data from 139 participant survey responses from Chief Technology Officers (CTOs) in the Western United States were analyzed using 3 regression models to test for mediation following Baron and Kenny’s methodology. Contribution: Previous scholarship has established the importance of leadership styles, big data governance, and ISRM effectiveness, but not in a combined understanding of the relationship between all three variables. The researchers’ primary objective was to contribute valuable knowledge to the practical field of computer science by empirically validating the relationships between the CTOs leadership styles, the alignment of the governance of big data, and ISRM effectiveness. Findings: The results of the first regression model between CTOs leadership styles and ISRM effectiveness were statistically significant. The second regression model results between CTOs leadership styles and the alignment of the governance of big data were not statistically significant. The results of the third regression model between CTOs leadership styles, the alignment of the governance of big data, and ISRM effectiveness were statistically significant. The alignment of the governance of big data was a significant predictor in the model. At the same time, the predictive strength of all 3 CTOs leadership styles was diminished between the first regression model and the third regression model. The regression models indicated that the alignment of the governance of big data was a partial mediator of the relationship between CTOs leadership styles and ISRM effectiveness. Recommendations for Practitioners: With big data growing at an exponential rate, this research may be useful in helping other practitioners think about how to test mediation with other interconnected variables related to the alignment of the governance of big data. Overall, the alignment of governance of big data being a partial mediator of the relationship between CTOs leadership styles and ISRM effectiveness suggests the significant role that the alignment of the governance of big data plays within an organization. Recommendations for Researchers: While this exact study has not been previously conducted with these three variables with CTOs in the Western United States, overall, these results are in agreement with the literature that information security governance does not significantly mediate the relationship between IT leadership styles and ISRM. However, some of the overall findings did vary from the literature, including the predictive relationship between transactional leadership and ISRM effectiveness. With the finding of partial mediation indicated in this study, this also suggests that the alignment of the governance of big data provides a partial intervention between CTOs leadership styles and ISRM effectiveness. Impact on Society: Big data breaches are increasing year after year, exposing sensitive information that can lead to harm to citizens. This study supports the broader scholarly consensus that to achieve ISRM effectiveness, better alignment of governance policies is essential. This research highlights the importance of higher-level governance as it relates to ISRM effectiveness, implying that ineffective governance could negatively impact both leadership and ISRM effectiveness, which could potentially cause reputational harm. Future Research: This study raised questions about CTO leadership styles, the specific governance structures involved related to the alignment of big data and ISRM effectiveness. While the research around these variables independently is mature, there is an overall lack of mediation studies as it relates to the impact of the alignment of the governance of big data. With the lack of alignment around a universal framework, evolving frameworks could be tested in future research to see if similar results are obtained.

Washington — The Federal Railroad Administration has issued a final rule requiring certain railroads to develop and implement a fatigue risk management program as a component of their larger safety risk reduction program.

How can risk management tools be applied within EHS organizations?

Washington — The Federal Railroad Administration is seeking comment on a proposed rule that would require certain railroads to develop and implement a fatigue risk management program as a component of their larger safety risk reduction programs.

Join the MSD Solutions Lab on Sept. 28 as it explores ergonomics and DEI.

This new requirement was established following a months-long infant formula shortage sparked by insanitary conditions at one of the nation’s largest infant formula facilities. 

Compared to 10-15 years ago, companies are safer. Whether it’s tighter regulations, more awareness, enhanced experience, technology improvements or other factors, companies are doing a better job keeping their employees safe at the workplace. However, that number has plateaued over the last couple of years—the total incident rate per 100 workers has not changed significantly since 2017.

A recent webinar focuses on chemical risk management, with a particular emphasis on the role of approvals, green chemistry, and hazard communication.

When it comes to managing the risk associated with employee safety, the risk manager usually looks to the safety department to address that area.

Safety debates surrounding hiking risks run parallel to opinions on workplace safety.

Arun Mathew lends years of expertise to his work in quality.

Glenn R. Femminella channels years of expertise to his work within the Construction Industry

MorganHill, a pioneering leader in information security solutions, is excited to announce the release of its ISO 27001 Risk Assessment Template, now available for instant download.

Arindam Majumdar, deputy chief risk officer at Bank OZK, ensures compliance with national laws and regulations

The District of Columbia’s highest court ruled that the Office of Administrative Hearings lacks authority to review penalty calculations by the Office of Risk Management. Luigi Buitrago injured his back in…

Are you prepared with the financial risk management strategies that can keep your business steady […]

William Dudley, senior advisor, Griswold Center for Economic Policy Studies, Princeton University; and former president of the Federal Reserve Bank of New York In conversation with Markus Brunnermeier, Edwards S. Sanford Professor of Economics, and Director of the Bendheim Center for Finance, Princeton University Wednesday, November 20, 2024, from 4:30-5:30 p.m. Julis Romo Rabinowitz Building, Room 399 Co-sponsored by The Griswold Center for Economic Policy Studies (GCEPS) and Bendheim Center for Finance (BCF) Open to the Princeton University Community Group of 30 Report Publication, G30 Working Group on the 2023 Banking Crisis, chaired by William Dudley

Knowing what can go wrong is key to getting things done right

National Bureau of Economic Research

This report provides a series of policy recommendations aimed at enhancing the contribution of the cyber insurance market to managing this increasingly prevalent risk. The report examines the current state of the market and the obstacles that are impeding the market from reaching its full potential

This is the report of the workshop on Natural-hazard triggered technological accidents (Natech) that took place 23-25 May 2012. It investigated the specific elements of the prevention of, preparedness for, and response to chemical accidents caused by natural hazard or natural disaster.

This report of a survey collates member countries’ approaches to manage and mitigate the risk of pesticide use near residential areas.

An analysis of flash flood forecasting in Europe has produced recommendations for emergency planners and others to improve flood risk management in vulnerable regions. In particular, the researchers recommend improved data collection and sharing, a common European policy for flash flood forecasting, and that local risk management recognises the specific challenges presented by flash floods.

How can stakeholders best be involved in the implementation of the EU Floods Directive? According to recent research examining Germany as a case study, three types of strategy are being pursued across the country’s 16 federal states: the first draws on Water Framework Directive (WFD) procedures, the second meets only minimum requirements for participation and the third involves stakeholders more intensively.

Climate change is expected to increase the intensity and occurrence of regional floods in Europe. A recent study has examined existing natural and constructed retention (or holding) basins that can be adapted to provide flood defences. As part of the study, a classification system for flood defence structures was developed to help Member States design sustainable flood risk management plans.

Throughout Europe and beyond, the delivery of flood risk management (FRM) is increasingly being seen as the shared responsibility of governmental actors and citizens. However, a new study, which explored the viewpoints of stakeholders in a flood-prone part of Belgium, found that citizens see FRM mainly as the government’s responsibility.

After the 2002 floods in Germany — the country’s most economically damaging natural hazard — efforts were made to develop a more integrated system of flood management. A recent study has reviewed how those measures helped Germany to cope with the more recent floods of 2013, highlighting developments in early-warning systems and consideration of hazards in urban planning. The researchers also discuss areas for improvement, including citizen engagement and cross-border collaboration.

New research has combined two different techniques for identifying hazards and assessing risks into a single dynamic risk assessment process. The new approach fills a gap in many current risk assessment techniques as it can be applied throughout the lifetime of a process, not just during its design phase, taking into account new information to update risk assessments and calculations systematically.

Chuck Brooks, a recognized global cybersecurity expert, Faculty at Georgetown University, and named by LinkedIn as one of the "Top 5 People to Follow on Tech" announces firm focused on strategy, branding, and government relations

Grace McStravock, who will graduate Saturday, May 9 with a 3.98 GPA in actuarial science and minors in mathematics and statistics, has been selected as Smeal’s spring 2020 risk management student marshal.

The Weather Risk Management Club has continued meeting via Zoom during the remote learning period, carrying on their work examining the impacts of severe weather events on the economy.

Delmarva farmers interested in learning more about protecting commodities revenue and crop insurance sign-ups before the March 15 deadline can attend a free risk management workshop next month. The March 5 event will be 8 a.m. to 3:30 p.m. at the Carvel Research and Education Center, Georgetown.