Risk Roundup - December 2015

December 21, 2015
By Jean-Grégoire Manoukian

Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk and GRC that caught our attention. We hope you enjoy the one for December 2015.

Genentech, Northern Trust: How risk builds resilience

This GreenBiz article explains the relationship between resilience and risk-taking and how to foster resilience when faced with risks. The article also talks about risk tolerance and how it impacts the company culture and the process of building resilience.

Combine Risk Analysis Tools to Improve Product Safety

This article in Design News says that assessments are often performed too late in the product development cycle and only one type of risk analysis tool is used. The article shows how a combination of risk analysis tools can be used together to improve overall risk assessment throughout the phases of product development.

Facility Management Compliance: Don’t Ignore These Seven Areas

Facility Executive makes the point that changing business requirements have made facilities management compliance a challenge for many companies. The article talks about new research that reveals the potential risks needed to be addressed by facility management.

[Infographic] Risk Sensing: The (evolving) state of the art

A new survey of 155 C-level executives at companies with revenue of at least $1 billion shows that the pace of innovation, increased regulations, damage to reputation and talent gaps are the leading risks to companies’ business strategy. In addition, many are not using risk-sensing tools. Risk sensing involves the use of human insights and advanced analytics capabilities to identify, analyze and monitor emerging risks. The infographic by Deloitte summarizes the survey findings.

Risk Sensing

How Mature is Business Continuity?

OCEG ran a poll on Business Continuity Management (BCM) and this blog post provides some of the results. For example, more than 75% of respondents indicated that their organization has a formal program for BCM, but the poll also shows that BCM might not be taken seriously.

Planning For Risk Management

This video by StormWind provides a high-level overview of how to gather information on stakeholder tolerance levels for risk, in order to effectively begin planning for risk in the context of project management.

Third-party Risk Management: Building a Robust Approach

Companies have worked with suppliers, outsourcers, agents, etc. for years. But the frequency and scale of third-party use and the regulatory focus on how organizations are managing third parties to address risks have changed. Kristian Park of Deloitte discusses the escalation in third-party risk and the ways organizations should mitigate it.

Applying Practical Strategies to Supply Chain Risk

Michael Volkov from the Volkov Law Group discuss reputational risks that may be applicable to a company’s supply chain. Volkov’s blog post also includes some tips and advice on how to mitigate supply chain risks, such as focussing on primary vendors and suppliers.

Putting the “L” for Legal into GRC

This blog post from OCEG stresses that the Legal department of a company plays a critical GRC role, from regulatory interpretation and policy design, to involvement in third-party due diligence and compliance investigations, to advising both internal audit and risk management based on legal findings.

Risk Management Is More Than Hazard Identification

Many people fail to distinguish between a hazard and a risk. They are not the same thing, and people use both terms interchaebabiliby without understanding the differences. This post on Enablon Insights explains the differences between the two, and how they fit in risk management.

Visit Enablon Insights again a month from now to learn more about what caught our attention in Risk and GRC.