Since 2015 the Generali Group has been part of the ORX (Operational Risk data eXchange association), an organisation set up to share “negative events” among the leading international peers operating in the insurance and banking sector. The aim is to use the information collected to improve internal controls and anticipate emerging trends: the Risk Management Department also shares these data with the Risk Owner to increase the understanding of the phenomenon and improve the overall effectiveness of the long-term evaluations. The Generali Group is also a member of the CRO Forum, an active collaborator of the Cyber Risk working group, whose main goal is to develop risk management techniques in the area of cyber war and terrorism and reference standards for the management of cyber risk. Finally, we have agreements with the national authorities in the area of IT security (CERT Nazionale), mainly as regards sharing intelligence on threats.
In Italy the innovativeness of our security awareness programme saw it awarded the “Premio Adriano Olivetti”, an award for innovative education, from among a field of 250 candidates. The goal of the programme is to raise the awareness of all Generali Group employees about potential security risks and to teach them how to confront them correctly using an innovative series of videos. The eight episodes featuring professional actors are full of engaging scenes.
Cyber Risk Management framework
The Cyber Risk Management framework is an innovative methodology that seeks to manage, understand, measure and mitigate IT security risks. It was acknowledged with the GRC - Governance, Risk and Compliance Excellence Award: developed by Generali, this methodology was presented at the RSA EMEA Summit in London where it faced competition from other participants representing the world’s leading financial institutions.