Risk Roundup - October 2016

October 17, 2016
By Jean-Grégoire Manoukian

Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk and GRC that caught our attention. We hope you enjoy the recap for October 2016.

Moving the Culture from Compliance to Risk Management

Over the past few years, there has been a significant transformation away from injury-based and compliance-based programs to the development of safety management systems that provide for continuous improvement and focus on risk reduction. Read more

What Is Operational Risk Management?

Operational risk is the risk of loss that results from problems with internal processes, people and systems, or from external events, in the course of conducting your business. From window cleaners to accountants, everyone in business should be aware of operational risk, and know how to manage it. Read more

Business Risks Facing Mining and Metals 2016-2017

Cash optimization is the top business risk in mining and metals, as companies plan for longer-term profitability amid market volatility, according to a report by EY that explores the top ten risks in the industry. The report includes infographics, insights, and advice on how to navigate each risk. Read more


The Continued Importance of Compliance Auditing: Shifts in Scope Provide Increased Value

Reacting to changes in government enforcement priorities, complying with regulations and dealing with technologies that help identify enforcement targets add to the list of EHS compliance challenges at regulated facilities. In addition, evolving business climates have prompted regulated entities to view EHS as stand-alone profit-and-loss centers. All of this impacts the way EHS compliance is delivered, measured and achieved. To address the changing landscape, auditing practices must broaden in scope and shift focus in order to effectively measure compliance while delivering reasonable ROI. Read more

Policy Management Demands Attention

Policies are critical to the organization as they establish boundaries of behavior for individuals, processes, relationships and transactions. But most organizations do not connect the idea of policy to the establishment of corporate culture. Without policy, there is no written standard for acceptable and unacceptable conduct, and an organization can quickly become something it never intended. Read more

There is sometimes confusion and misunderstanding around terms used widely in the field of risk management. This post on Enablon Insights demystifies “risk appetite” and “risk tolerance”, with the hope that it helps you understand both concepts, so that you can integrate them in your enterprise risk management framework.

Protecting Brand and Reputation: Getting It ‘Right’ from the Get Go

As the marketplace becomes more competitive, organizations must be able to rely on the strength of their brand and reputation to attract and retain customers, business partners, employees and investors. But for many, brand and reputation risk management remains elusive until an incident or crisis occurs. Read more

Are We Solving the Right Problem with Supplier Risk Management?

Most organizations focus on supplier risk elements that are relatively easy to implement, such as supplier financial risk management, which is a good start. It essentially helps monitor supplier viability through the lens of financial statements. But supplier financial risk management only goes so far. It does provide an “assurance of supplier,” but it doesn’t necessarily protect your assurance of supply from that supplier. Read more

Internet of Things’ Role in Internal Audit & Compliance

The rise of Internet-connected devices and systems brings both new opportunities and risk for modern organizations. Internal audit, as the third (and last) line of defense, can play a role in identifying and defending against risks that emerge. And with compliance as part of an enterprise-wide risk assessment, there are also roles for both on the importance, benefits and competitive edge that the IoT can bring. Read more

In the Wee Hours: What’s Keeping CFOs Awake?

In many organizations, risk is an inevitable part of the CFO’s portfolio. On the one hand, CFOs are devoting serious attention to corporate performance. On the other, they are being forced to think more tactically and defensively, as global volatility and a long list of mixed signals confront them with plenty of uncertainty. Read more

Visit Enablon Insights a month from now to learn more about what caught our attention in Risk and GRC!

A Governance, Risk and Compliance (GRC) platform can help you enable holistic risk management in your organization to adequately prepare for threats and crises. Download The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016 report and learn more about the 14 most significant GRC vendors.
