Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk and GRC that caught our attention. We hope you enjoy the recap for October 2016.
Over the past few years, there has been a significant transformation away from injury-based and compliance-based programs to the development of safety management systems that provide for continuous improvement and focus on risk reduction. Read more
Operational risk is the risk of loss that results from problems with internal processes, people and systems, or from external events, in the course of conducting your business. From window cleaners to accountants, everyone in business should be aware of operational risk, and know how to manage it. Read more
Cash optimization is the top business risk in mining and metals, as companies plan for longer-term profitability amid market volatility, according to a report by EY that explores the top ten risks in the industry. The report includes infographics, insights, and advice on how to navigate each risk. Read more
Reacting to changes in government enforcement priorities, complying with regulations and dealing with technologies that help identify enforcement targets add to the list of EHS compliance challenges at regulated facilities. In addition, evolving business climates have prompted regulated entities to view EHS as stand-alone profit-and-loss centers. All of this impacts the way EHS compliance is delivered, measured and achieved. To address the changing landscape, auditing practices must broaden in scope and shift focus in order to effectively measure compliance while delivering reasonable ROI. Read more
Policies are critical to the organization as they establish boundaries of behavior for individuals, processes, relationships and transactions. But most organizations do not connect the idea of policy to the establishment of corporate culture. Without policy, there is no written standard for acceptable and unacceptable conduct, and an organization can quickly become something it never intended. Read more
There is sometimes confusion and misunderstanding around terms used widely in the field of risk management. This post on Enablon Insights demystifies “risk appetite” and “risk tolerance”, with the hope that it helps you understand both concepts, so that you can integrate them in your enterprise risk management framework.
As the marketplace becomes more competitive, organizations must be able to rely on the strength of their brand and reputation to attract and retain customers, business partners, employees and investors. But for many, brand and reputation risk management remains elusive until an incident or crisis occurs. Read more
Most organizations focus on supplier risk elements that are relatively easy to implement, such as supplier financial risk management, which is a good start. It essentially helps monitor supplier viability through the lens of financial statements. But supplier financial risk management only goes so far. It does provide an “assurance of supplier,” but it doesn’t necessarily protect your assurance of supply from that supplier. Read more
The rise of Internet-connected devices and systems brings both new opportunities and risk for modern organizations. Internal audit, as the third (and last) line of defense can play a role in identifying and defending against risks that emerge. And with compliance as part of an enterprise-wide risk assessment, there are also roles for both on the importance, benefits and competitive edge that the IoT can bring. Read more
In many organizations, risk is an inevitable part of the CFO’s portfolio. On the one hand, CFOs are devoting serious attention to corporate performance. On the other, they are being forced to think more tactically and defensively, as global volatility and a long list of mixed signals confront them with plenty of uncertainty. Read more
Visit Enablon Insights a month from now to learn more about what caught our attention in Risk and GRC!
A Governance, Risk and Compliance (GRC) platform can help you enable holistic risk management in your organization to adequately prepare for threats and crises. Download The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016 report and learn more about the 14 most significant GRC vendors.