Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk Management and GRC that caught our attention. Enjoy the recap for February 2017.
We are used to identifying a risk, analyzing the potential consequences and their likelihood, and then establishing a “risk level”. We evaluate whether the level of risk is acceptable or not, based on risk appetite, risk criteria, etc. But is that sufficient? Read more
Does a risk register help people formulate and then execute the right strategies for the organization to deliver optimal value? The purpose of risk management is not to produce or review a list of risks. It is to help the organization achieve its objectives by considering what might happen and acting to optimize outcomes. Read more
Supply chains are subjected to a wide range of potential disruptions and risks every year. Though the three categories of global risks remain the same (Natural, Manmade, Economic), the frequency and severity of risks experienced year to year varies. In order to avert supply chain disruption, businesses need to be proactive in identifying and managing risks. Read more
Only one in five UK organizations has a structured enterprise-wide risk identification process and more than 45% of British businesses admit they could be better at managing emerging operational risks. It is vital for organizations of all sizes across all sectors to continually monitor the potential risks to their business and ensure a strategic plan is in place for the years ahead. Read more
Bowtie risk analysis is one of the most common risk management tools because it helps to visualize causes and impacts of risks, and better determine the controls to put in place. Risk management software can improve the usage of bowtie risk analysis in many ways, which helps to mitigate risks more effectively.
Richard Chambers, President and CEO of The Institute of Internal Auditors (IIA), has covered many topics related to the day-to-day workings of internal auditing over eight years. He decided to take a look back at those first few blog posts to see whether the challenges and opportunities facing the profession then are much different than those faced today. Read more
CFOs’ aversion to risk appears to be increasing, according to Deloitte’s fourth-quarter 2016 CFO Signals™ survey, with those favoring risk-taking at near survey lows as they wait for clarity around government policy. The survey tracks the thinking and actions of 137 CFOs representing many of North America’s largest and most influential organizations. Read more
There is something very real and very important to the growing use of automation and artificial intelligence within compliance, especially in light of the growing need for measuring effectiveness in compliance programs, and demonstrating a proper return on investment. The idea is not to eliminate humans from compliance entirely, but to make sure that the humans who are in compliance can focus on more strategic risk analysis, and get out of the fact-checking business. Read more
Insurance is usually a very important part of an overall strategy of risk management. Insurance, however, is only one of a suite of treatment options available to organizations wanting to manage the uncertainty associated with achieving their goals and objectives. You might say insurance is part of risk management, but risk management is much more than insurance. Read more
Analyzing corruption risk should be a key factor in businesses’ research into a new market. Involvement in corruption, whether direct or via a third party, poses reputational risks as well as risk of prosecution. Corruption remains widespread in many countries, and the latest edition of the corruption perceptions index from Transparency International suggests that the problem worsened in more markets than improved in 2016. Read more
Visit Enablon Insights a month from now to learn more about what caught our attention in Risk and GRC!
A Governance, Risk and Compliance (GRC) platform can help you enable holistic risk management in your organization to adequately prepare for threats and crises. Download The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016 report and learn more about the 14 most significant GRC vendors.