Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk and GRC that caught our attention. Enjoy the recap for April 2017.
Environmental, health, and safety (EHS) risks are a critical component of any business’ overall risk management portfolio, but are often overlooked. EHS risks exist for every type of facility, regardless of industry. The goal of an EHS regulatory compliance audit is to determine whether there are gaps between a facility and its activities/operations and the applicable EHS regulatory requirements. Read more
The percentage of organizations with relatively mature risk management processes increased over recent years, but the majority of organizations still do not believe their processes reflect a “complete” or robust ERM process. While progress is being made, there is still room for significant improvement in risk oversight for many organizations, according to the study “2017 The State of Risk Oversight: An Overview of Enterprise Risk Management Practices”. Read more
Everyone knows that you need to do a risk assessment before starting anything. But the next question is the tricky part. What do you actually have on a risk assessment? This article provides a list of the five essential points to cover on any risk assessment. Read more
PwC released its 13th annual State of the Internal Audit Profession study, which found that internal audit functions are losing ground in trying to keep pace with stakeholder expectations. The study takes a look at the influences disrupting organizations today, and how Internal Audit can build the resiliency to evolve and increase its organizational value amidst disruption. Read more
Risk is no longer just a part of doing business, risk management must now be integral to a company. Company growth and increasing global regulations have put a focus on risk management among stakeholders. Also, recent external events bring to light the importance of having a plan in place. Organizations looking to improve their management of risk should follow the seven steps outlined in this Enablon Insights post.
In the oil and gas industry, the nature of working with hazardous materials in hostile environments means workers are often exposed to dangerous conditions. Reducing risk must be at the centre of all new projects. This article discusses how managing risks through continuous asset monitoring and connected technologies can highlight equipment failures and operational issues before they contribute to disaster. Read more
There will always be areas of risk for the oil and gas industry that require attention as it emerges from the slump. Of continuing concern of a more general note is the attention to people, plant and processes as companies work with leaner budgets and workforces, and are under pressure to maintain or develop a healthy bottom line. Read more
Organizations take risks but fail to monitor and manage them effectively. Further, risk management is too often seen as a compliance exercise and not truly integrated with decision-making and objectives. Organizations should take a federated approach to risk management that allows different projects, processes and departments to have their own view of risk that can roll into enterprise and operational risk management that supports business objectives, and is integrated with decision-making. Read more
The primary directive of a mature risk management program is to deliver effectiveness, efficiency, and agility to the business in managing the breadth of risks in the context of organizational performance, objectives, and strategy. This requires a strategy that connects the enterprise, business units, processes, transactions, and information to enable transparency, discipline, and control of the ecosystem of risks across the extended enterprise. Read more
One effect of increasing globalization is that more organizations now depend on multi-tiered supply chains. That can increase potential risks, both because organizations now find themselves reliant on more third parties than before, and also because some of those third parties may operate so far down the chain as to be almost invisible. One way to spot potential risks is to use automated due diligence and social media monitoring tools to analyze publicly available data, which can shed light on possible vulnerabilities. Read more
Visit Enablon Insights a month from now to learn more about what caught our attention in Risk and GRC!
A Governance, Risk and Compliance (GRC) platform can help you enable holistic risk management in your organization to adequately prepare for threats and crises. Download The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016 report and learn more about the 14 most significant GRC vendors.