Risk Roundup - May 2018

May 21, 2018

Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk and GRC that caught our attention. Enjoy the recap for May 2018.

[Report] A Risk Practitioners Guide to ISO 31000:2018

This guide from the Institute of Risk Management (IRM) explains the approach used in ISO 31000 and identifies the importance and relevance of ISO 31000 and other frameworks. The guide also outlines the practical application of ISO 31000 and provides commentary on the use of the standard by risk professionals and on its implementation. Download report

Nine Cognitive Biases Risk Managers Should Know

Bias skews perception, leading to bad decisions. Everybody has biases. The difference is that some people are better than others at recognizing them. This article explains nine biases that risk managers should know about, in order to make sure that they make the right decisions. Read more

Getting to Know Your Company’s Risk Appetite

It is really important for an organization to keep track of the things they are willing to do and not confuse them with other risky behaviors they aren’t. This is called determining the company’s risk appetite. When it comes to risk appetite, there are three categories: “On-strategy”, “Parameterized risks”, and “Off-strategy”. Read more

Communicating With Stakeholders

In this video, thought leader and former chief audit executive Norman Marks describes the biggest mistake internal auditors make when communicating with management and the board, and offers insight on how to improve those communications. Watch video


Making Data Risk a Top Priority

The rapid adoption of new data technologies, including artificial intelligence and the cloud, has made data risk a bigger concern for organizations in almost every industry. Strong data management and a thorough understanding of related risks are critical to managing trust with data, both from within the organization and externally. Read more

Risk Management of Technology Risks Lagging, Survey Finds

Technology is becoming more and more necessary for the growth of companies, enhancing their abilities to get products to market faster and automate core processes. But while emerging technologies like artificial intelligence and blockchain are fast becoming the new normal, risk management is not keeping up. Read more

Since artificial intelligence is a combination of algorithms, and since algorithms are programmed by humans, there could be a risk that AI may not produce the desired outcomes. This does not undermine the benefits of AI, but it does imply that organizations should consider AI risk, ask themselves some key questions, and even audit the outcomes of AI.

Managing the Pressures of Compliance Risk in Global Supply Chains

The rapid pace of new product introductions, a shifting third-party provider landscape, and global logistics and distribution disruptions have become common challenges for organizations that operate on a worldwide basis. In turn, those challenges are placing greater pressures on global supply chain compliance. Read more

​6 Essentials to Jump-Start Data Analytics in Internal Audit

Internal auditors are increasingly taking advantage of new technologies to incorporate data analytics in their audits. More and more chief audit executives are jumping into this growing area by assigning auditors to “go do data” without sufficient training, preparation, or strategic direction. Auditors taking on this role need to be aware of the risks surrounding data analytics. Read more

Not Your Father’s Risk Management

Yesterday’s risk management practices are no longer adequate to address today’s threats. Risk can be positive, negative or both, and can address, create or result in opportunities and threats. The key driver for effective risk management is to create and protect value. Read more

Visit Enablon Insights again a month from now to learn more about what caught our attention in Risk and GRC!

Webinar GRC Operational Excellence