Search results

The aim of this article is to introduce business wargaming as a tool for ex ante strategy evaluation. Reviewing criticism of other approaches, such as scenarios and computer‐based simulations, this article explores whether business wargaming is a suitable response to this criticism.

This article reviews and discusses the literature on strategy testing and business wargaming.

Business wargaming is capable of responding to criticism of scenarios and computer‐based simulations when applied to the ex ante evaluation of strategy. Business wargaming, which arose from military wargaming, is a strategic simulation that is dynamic and participative, allowing managers to experience how their strategy will compete and endure in their business environment.

Additional research is needed to explore the application of business wargaming in practice as a tool for the testing of strategy.

The article suggests that business wargaming is a valuable tool for testing strategies in a simulation, which is participative and dynamic.

This article fills the research gap on strategy testing and points to a tool – business wargaming – that has been applied intensively in the military field.

“Business wargaming” is a role‐playing simulation of a dynamic business situation that involves a series of teams, each assigned to assume the identity of an entity with a stake in the situation. The process steps for wargaming, important lessons to follow, and a case study are all presented in this article. Wargames offer unique benefits at two points in an organization’s strategic planning process: (1) at its outset, wargames are helpful to convert data and information (about markets, channels, competitors, etc.) into actionable intelligence for subsequent planning; (2) after a basic plan is developed, a wargame can test the plan to ensure it is robust enough to succeed in any realistic combination of events or actions. Attributes of a business wargame: (1) it involves intense competition among five to ten teams, each representing a distinct stakeholder (such as the market, key customers, suppliers, partners, competitors, channels, regulators); (2) the team interact based both on quantitative and qualitative information. Through the use of role playing, cultural issues, rivalries and other subjective factors guide development and assessment of strategies; (3) the wargame process forces a rigorous exam of a situation from multiple perspectives. The various points of view (some hostile) allow the company to recognize opportunities and threats otherwise not noticed using just an “inside‐out” approach; and (4) the gaming allows a broad range of ideas to be developed while the teams aggressively compete to outsmart each other. The time, cost, and effort in preparing a major wargame are spelled out. The case illustrates the potential pay‐off in situations where the wargame makes strategic choices apparent.

Leaders at all levels of the company need to institute a simple but effective routine for collecting the information needed to take strategic action. This article explains how to make that process pervasive and suggests some specific tools to help it work effectively in your organization. There are three basic steps to strategic decision‐making: getting the right information, making a good decision and then implementing that decision. Success in the information stage translates into knowing the types of information needed to make the decision, finding it, and transmitting it quickly to the decision‐makers. The information required falls in three categories: knowledge about the competition, knowledge about your own company, and knowledge about your marketplace. It is not enough to merely gather the information; an infrastructure must be in place to ensure that market information is getting back to the decision‐makers. Get the decision‐makers together regularly to close on important issues. Critical to making better decisions is to identify alternative courses of action rather than simply one proposal. In addition to basic strategic planning there are two ways to experience making decisions under simulated conditions: wargaming and scenario planning. Regularly tracking the successful implementation of decisions made is a key method of ensuring action.

The purpose of this paper is to describe a gaming approach to making key theoretical ideas accessible, understandable and useful for security practitioners confronting “terrorism” in the real world.

The tool is instrumental “red-team” matrix gaming: a structured way to first build and then wargame instrumental “terrorist” attack plans. The working assumption is that “terrorist” violence is designed with purpose, and that it reflects Fromkin’s understanding that terrorism is a form of jujitsu to manipulate more powerful opponents into politically and ideologically self-destructive behaviours. By designing and gaming attack plans with political objectives as the focus, practitioners quickly gain a deeper understanding of the processes of violent influence and the role of responders and decision makers. The paper is structured to, first, provide a theoretical explanation of contemporary conflict, focussing on the public support and how violence can be differently designed to political ends. On this foundation, the methods for learning are explained. A “playing-card” technique for setting students objectives in terms of psychological levers, vulnerabilities, political purposes and influence targets is described and options for participants generating scenarios outlined. Then the matrix-gaming approach, where play progresses according to the result of a dice roll applied to a probability based on the merit of participants’ competing arguments is explained with an example.

The described method of creating and wargaming terrorist attack plans offers a new and engaging method of exploring and understanding the processes of terrorism while preparing practitioners by potentially developing both their decision making and resilience.

The method described has potential value for teaching about terrorism by generally improving student engagement, preparing practitioners to respond to terrorism and wider application (of matrix gaming) to other topics.

This is a novel application of matrix gaming in a simplified format suited for classrooms.

The study aims to determine the outcomes of mentorship in an online game system, as well as the characteristics of good mentors.

A combination of anonymized survey measures and in-game behavioral measures were used to power longitudinal analysis over an 11-month period in which protégés and non-mentored new players could be compared for their performance, social connections and retention.

Successful people were more likely to mentor others, and mentors increased protégés' skill. Protégés had significantly better retention, were more active and much more successful as players than non-protégés. Contrary to expectations, younger, less wealthy and educated people were more likely to be mentors and mentors did not transfer their longevity. Many of the qualities of the mentor remain largely irrelevant—what mattered most was the time spent together.

This is a study of an online game, which has unknown generalizability to other games and to offline settings.

The results show that getting mentors to spend dedicated time with protégés matters more than their characteristics.

Good mentorship does not require age or resources to provide real benefits.

This is the first study of mentorship to use survey and objective outcome measures together, over time, online.

Being resilient in the face of risks that have the ability to negatively impact the strategic objectives, reputation or existence of the organisation is now not just an interesting concept but a matter of organisational life and death in many industries. However, very few businesses go beyond simply implementing measures to defend their competitive advantage in the face of market changes and business continuity capabilities to be able to survive operational disruptions. The paper aims to discuss these issues.

This paper uses real-life examples to explore some of the main issues associated with organisational resilience that are observed in the business and management literature. The aim is being able to demonstrate some of the practical reasons why organisational resilience is so hard to implement and what can be done to make it easier.

Organisational resilience is a business outcome and, as such, requires a holistic and adaptive management approach. This is theoretically straightforward as organisations are used to working together towards business outcomes. However, in practice three main issues generally thwart resilience-building activities: different professional groups within organisations anchor their understanding of resilience based on related interpretations such as psychology, ecology, economics, engineering, etc., which leads to internal conflict; there is often a widespread belief (or hope) that static goals and objectives will work in a dynamic environment; and flawed risk perceptions hamper organisation-wide situational awareness.

Faced with these issues, it is easy to understand why resilience activities are frequently limited to the tactical things that can be put in place to protect the organisation and its assets against acute shocks. However, as the risk landscape becomes ever more complex and uncertain such a defensive approach will only increase the vulnerability of organisations.

However, there are some straightforward and practical steps that organisations can take to break down internal barriers and promote a more collegiate approach to organisational resilience. An approach that is not only more efficient in terms of the management of risk but is also more cost effective and has a positive impact on culture, brand and reputation.

The purpose of this paper is to highlight the potential of cyber-testing techniques in assessing the effectiveness of cyber-security controls and obtaining audit evidence.

The paper starts with an identification of the applicable cyber-testing techniques and evaluates their applicability to generally accepted assurance schemes and cyber-security guidelines.

Cyber-testing techniques are providing insight in the effectiveness of the actual implementation of cyber-security controls, which may significantly deviate from the conceptual designs of these controls. Furthermore, cyber-testing techniques could provide concise input for cyber-risk management and improvement recommendations.

The presented cyber-testing techniques could complement traditional process-oriented assurance techniques with specialized technical analyses of real-world implementations that focus on the adversaries’ viewpoint.

In recent years, Australian regulators have focussed on the financial crime compliance obligations of banks and other reporting entities, and there is a clear expectation that banks develop effective approaches to the management of non-financial risk. Red teaming is a methodology used in the intelligence and military domains to understand external threats. The purpose of this paper is to provide an overview of red teaming methods, set out a framework for using them in financial crime compliance and provide practical examples of red teaming exercises, which banks can use to manage financial crime risks.

This paper provides an overview of the financial crime compliance landscape in Australia. It outlines some of the key concepts and techniques used in red teaming, drawing in particular on the framework developed by strategic policy expert Micah Zenko. It explores the benefits of red teaming for financial crime compliance practice, concluding with three example exercises for financial crime teams.

Based on this research, red teaming methods can assist banks in taking a proactive approach to identify and mitigating financial crime risks. Rather than confining red teaming to cybersecurity applications, banks should consider they can use red teaming methods in their financial crime compliance functions.

This paper represents the first assessment of how to apply red teaming methods to risk management in financial crime compliance. It combines a historical and theoretical overview of red teaming methods with example red teaming exercises for money laundering, sanctions and strategic policy scenarios.