Risk Roundup – January 2017
Effective risk governance is critical to building and implementing an effective enterprise risk management (ERM) program, and the most critical risk governance aspect is risk appetite. Defined as “the amount of risk, on a broad level, an organization is willing to accept in pursuit of value”, risk appetite is a codification of a strategic philosophy regarding risk. While this article is about U.S. federal agencies, it can nevertheless apply to any type of organization. Read more
GRC technology is needed to create a robust and sustainable risk management model. GRC technology enables agile and resilient risk management processes by providing a common platform to collaborate, exchange information and conduct reporting. To build the agility and resilience needed, companies are increasingly emphasizing a “three lines of defense” approach to risk management. Read more and download the report.
There have been many articles about the top risks to organizations across the world in 2017, such as cyber-security, political upheaval, economic instability, etc. This article shares a different type of list. It includes risks that are perhaps the most critical but, for whatever reason, rarely figure on any risk register or other ERM report. Read more
Today’s business leaders must decipher a vexing risk/reward puzzle. Those leaders who have excelled at finding the right balance among risk, reward and speed are highly valued. Today’s greatest business leaders are, in a word, risk-centric. They recognize that failure to identify and manage rapidly emerging risks can prove lethal. Contemporary leaders who excel in “leading at the speed of risk” share four risk traits that set them apart: risk awareness, risk intuition, risk acceptance and risk courage. Read more
This article includes six predictions for people considering risk and reputation management for the year ahead. The predictions ask people to challenge conventional wisdom and thinking, and encourage a much more dynamic, innovative and digital approach. Read more
7 Steps to Simplify the Audit and Inspection Process
While the need to reduce costs and stay productive is an important goal for any company, compliance and the risk of an adverse event are still top of mind. By realizing that audits and inspections are not just chores, rather critical processes that enable compliance and safety, companies will begin to see improvements in performance. In 7 simple steps, a company can build a compliant and effective audit and inspection process that is easy to conduct and properly managed. Read more
Risk management may seem simple enough in theory, yet many employees still don’t have the necessary skills and competencies to successfully apply it in practice. One of the key components in building risk management skills is employee training and development. There are a number of initiatives that can be implemented to significantly improve the effectiveness of risk management training. Read more
In recent years, many companies suffered reputation and brand damage as a result of actions or inactions by executives and employees. EHS professionals should consider framing their work in the context of corporate reputation risk to complement the risks being tracked by the business. Read more
This article is about a recent book that explores the mundaneness of how white-collar criminals slide into illegal conduct. There are not many employees who go into a job committed to engaging into criminal actions. They usually get there one step at a time. A compliance program can work to not only stop conduct moving into an illegal realm, but protect the company from the illegal actions of its employees. Read more
The only thing more difficult than getting someone to open an email is getting them to open an email that comes from internal audit. The solution? Clickbait! This fun post includes some subject lines you might use to get that reluctant auditee to open your latest e-mail. Read more
Visit Enablon Insights a month from now to learn more about what caught our attention in Risk and GRC!
A Governance, Risk and Compliance (GRC) platform can help you enable holistic risk management in your organization to adequately prepare for threats and crises. Download The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016 report and learn more about the 14 most significant GRC vendors.