We begin with the identification of synergies between BCM, Information Security and IT Audit/Controls. The evolution of operational risk within Direct Energy will be discussed. Examples of cost savings, risk avoidance & effective recovery and organizational placement of this team within Direct Energy and the need for a well defined control framework will be discussed.