Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk and GRC that caught our attention. Enjoy the recap for November 2018.
There is a range of potential consequences from an event, situation or decision, and each has its own likelihood. But in reality, there are some situations where the range of consequences might include both positive and negative effects. In other words, the idea that risk and opportunity are different because one has a positive and the other a negative connotation is not entirely correct. Read more
Stakeholders expect risk monitoring to provide intelligence that supports strategic decision-making. Predictive risk intelligence could help solve many complex challenges. Organizations can get an early warning system on emerging risks, potential loss and risk exposures, and external threats by using predictive risk intelligence (PRI). With PRI, organizations can enhance their ability to detect and monitor risks and make more informed decisions faster. Read more
In this video, Alex Sidorenko discusses whether executive management and the board should regularly receive risks reports, and if not, why. Watch video
When you identify a risk with varying event sizes and varying consequences, you still need a consequence rating. Do you take an average impact, the most likely-case impact, or the worst imaginable impact? Or do you see each impact case as a separate risk? This article recommends answers to that question. Read more
The path to risk resilience must be an effort led by the board and senior management, which must establish the right risk profile and appetite. Success depends on the support of a thriving risk culture and on successfully embedding strategic risk capabilities throughout the organization. Read more
Learn how Koch Industries uses Enablon to successfully reduce risks of adverse events and improve EHS performance. Through Enablon, Koch identifies risk areas across all its business units and locations, and looks for trends and addresses them before they become problems.
Assigning owners for risks is important. First, a designated risk owner ensures someone in the organization is accountable for the risk. Second, risk ownership is one way for executives to not only hold individuals accountable for risks, but to show their support for ERM in general. Third, appointing a risk owner ensures that the ERM function does not own risks. Read more
As the risk landscape changes and the speed of risk increases, internal auditors must expand their skills and update their processes. They must also embrace a mindset of being flexible, agile, and open to responding quickly to disruptive threats and to new and emerging risks. This article is about the future of internal audit and the keys to its continued ascendency as a vital component in an organization’s risk management and control structure. Read more
Risk managers need to be clear on how their organizations collect, analyze and use data to ensure their policies and procedures meet all regulatory requirements, and that they are acting within the expectations of their customers. Risk managers must ensure their companies don’t fail to comply with any regulation and that their business is well positioned to take advantage of big data used within the rules to stay ahead of their competitors. Read more
This article explains the steps to create a cause and effect diagram, also known as a “Fishbone Diagram”, which is a simple but powerful tool for solving problems. The article also includes tips for creating the diagrams. Read more
Visit Enablon Insights again a month from now to learn more about what caught our attention in Risk and GRC!