Best Practice Symposium By Melanie Spies (Demix CEO)
It’s always a pleasure to see my Demix Global colleagues in person, as it doesn’t happen often with our virtual work setup. Today’s Best Practice Symposium has been a fantastic learning opportunity, and it was especially great to see Andries van der Walt and Johann (Elmo) Scheffer speak with such excellence, knowledge, and experience.
And, of course, no event in South Africa would be complete without some animal photos!
Contributions for the May Issue of The Demix Best Practice Magazine Submit your article about (IMP) Improving Performance - (PCM) Process Management, (PAD) Process Asset Development & (MPM) Managing Performance and Measurement for next month's issue.
Send your Articles / Presentations / Tools to This email address is being protected from spambots. You need JavaScript enabled to view it.
In this issue we will cover the following;
(MBR) Managing Business Resilience - (RSK) Risk and Opportunity Management, (IRP) Incident Resolution & Prevention, (CONT) Continuity
(MBR) Managing Business Resilience This CA addresses the ability to anticipate, prepare for, and respond to interruptions in order to continue operations. It involves identifying, evaluating, prioritizing, and handling risks. It ensures timely and effective resolution and prevention of interruptions to minimize the impact on business operations and ensures the best possible level of service quality. It addresses defining a minimum set of critical functions that must continue in the event of significant interruption of normal operations.
(RSK) Risk and Opportunity Management Intent Identify, record, analyze, and manage potential risks or opportunities.
Value Mitigate adverse impacts or capitalize on positive impacts to increase the likelihood of meeting objectives.
(IRP) Incident Resolution & Prevention Intent Resolve and prevent disruptions promptly to sustain service delivery levels.
Value Minimize the impact of disruptions to meet objectives and customer commitments more effectively.
(CONT) Continuity Intent Plan mitigation activities for significant disruptions to business operations so that work can continue or resume.
Value Enables continued operation when serious disruptions or catastrophic events occur.
Breaking Barriers, Building Futures: Women in the CMMI Industry By Bianca Nell (Demix Strategic project manager)
International Women's Day on March 8th sparked a moment of reflection for me, not just about how far we've come as women in tech and process improvement, but also about the inspiring journey of women within the CMMI (Capability Maturity Model Integration) field.
Looking back, I'm grateful to the many women who paved the way, those who worked hard, broke barriers and opened doors. Because of their determination, I've had the opportunity to grow, learn, and thrive in an industry that is evolving toward greater equality and opportunity for all.
My own journey didn’t begin in process improvement. I started out in sound engineering, a completely different industry with its own challenges. I faced a few hurdles and moments of doubt in my abilities, but each experience helped me grow. When I stepped into the CMMI world, I wasn’t sure what to expect, but I was met with open hearts and a truly welcoming community. That support gave me the confidence to keep learning and finding my place in this field.
One initiative that continues to inspire me is ISACA's Women in CMMI, a growing community and series of meetings dedicated to supporting, connecting, and uplifting women in this field. A space where stories are shared and experiences validated. Being part of this community has reminded me that continuous improvement isn't just about processes, it's about people, too.
I'm committed to encouraging the next generation, especially young women to pursue their passion for best practices, to challenge the status quo, and to know that their contributions matter. I'm also incredibly fortunate to be part of Demix, a company that places a strong emphasis on women empowerment, and to work alongside strong, dynamic women who lead with passion, knowledge, and resilience.
Together, we can continue building a future where excellence, growth, and opportunity are open to everyone willing to strive for it.
Agile - (MBR) Managing Business Resilience - (RSK) Risk and Opportunity Management, (IRP) Incident Resolution & Prevention, (CONT) Continuity
The inherent cadence and iterative nature of Agile practices make them well suited for the management of a wide range of risk commonly encountered in product development and related projects.1 Indeed, the nature and pace of change in such undertakings present considerable challenges for traditional methods that presume well-defined and stable requirements, together with known risk, that can be captured and modelled using classic techniques. For example, the manner in which understanding of requirements evolves (e.g., facilitated workshops, Agile modelling), the explorative fashion in which designs are implemented (e.g., prototyping, architectural spikes) and the incremental delivery of solutions all help to tackle uncertainty and to promote desired outcomes. This is particularly true of highly innovative solutions where both the customer and the delivery team must collaboratively work together to iteratively define the scope and content of the final solution while tackling both upside and downside risk.
However, throughout Agile literature, there is also a pronounced tendency to focus exclusively on the downside of risk without considering opportunities that can be exploited. This is evident from the view, expressed in many methodologies, that risk should necessarily be considered as an exposure to potentially negative outcomes. Moreover, there is a prevailing view that merely being Agile suffices and that more explicit attention to the identification, assessment, treatment and monitoring of risk is, therefore, not warranted.
It’s been an interesting month for Home Group, one of the UK’s major housing associations. Home Group is responsible for renting homes to more than 116,000 people across 55,000 properties in England and Scotland. Just last month, the charity suffered a data breach involving customer names, addresses and contact information. The company informed affected customers and mitigated the breach in just 90 minutes — a feat only a vigorous cybersecurity program made possible.
After reading this guide, you will understand how to improve leadership skills training in your organization, and get actionable tips for building a leadership development plan.
Thank you very much Steve for presenting at our info-sharing event on the 30th July 2020. Thank you also to all those who attended.
Introduction
Whilst, BCM is a sub-set of the greater enterprise risk management discipline, the link between BCM and Risk Management is often not very well understood. This presentation focusses on BCM and how risk management integrates with BCM, provides objective value, and the ability to recover from setbacks, adapt well to change and keep going in the face of adversity.
In a nutshell, risk management together with BCM enables an organisation to optimise the level of risk being taken to best achieve the organisation’s objectives whilst still operating within the risk appetite of the organisation. Risk management is about preserving and enhancing value creation whilst minimizing the risks that lead to value erosion.
In this article, you will learn about Social Learning theory and the advantages and disadvantages of applying this learning technique in your organisation. You will also read examples of ways you can integrate social learning into the workplace to encourage and improve success in your learning environment.
As artificial intelligence continues to reshape industries, the challenges surrounding its governance have become increasingly complex. AI is not just a technological advancement—it is a paradigm shift that requires a new approach to risk management, compliance and ethical responsibility. While privacy and cybersecurity have started to work more closely together, the rapid evolution of AI has introduced legal considerations that have positioned legal as an essential third pillar, creating a new triad – privacy, cybersecurity and legal.
Privacy and Cybersecurity: The Foundation of AI Governance
Cybersecurity has long been the cornerstone of data protection, providing the technical and organizational security controls that support the technical safeguards mentioned in GDPR. When privacy and cybersecurity work together, they form the first line of defense against AI-related risks by:
Ensuring AI systems handle personal data ethically and comply with regulations like GDPR, CCPA and emerging AI-specific laws like the EU AI Act.
Implementing cybersecurity safeguards to protect against unauthorized access, manipulation and adversarial attacks.
Without strong privacy policies and security protocols, AI systems become vulnerable—both to breaches and to legal scrutiny.
This email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it.
