Once a month, our Risk Roundup provides a recap of 10 interesting articles and online resources on Risk and GRC that caught our attention. We hope you enjoy the recap for September 2016.
Operational risks are defined by their ability to lead to adverse events. Operational Risk Management centers on Environmental, Health and Safety (EHS) risks that can cause accidents or incidents. This post discusses why and how operational risks need to be managed effectively, the three essential ORM process capabilities, and considerations for implementation.
Reputation is priceless, and helps to sustain relationships and drive success. For organizations in today’s highly connected and complex business world, reputation should be managed with care. There are many risks that can threaten a company’s reputation, but firms that ask the right questions—and implement the proper governance, reporting and sensing practices—can mitigate them.
In this in-depth interview series, David Robbins, Senior Partner and Managing Director of ERM’s Information Solutions operations for the Americas, highlights the challenges that asset-intensive companies face in managing compliance, and how oil and gas companies can keep pace with the coming changes in the industry.
Excluding banking and insurance, the most widely used frameworks by risk management practitioners are based either on ISO or COSO. This article provides a side-by-side comparison of the ISO 31000:2009 and COSO ERM frameworks.
In the context of project management, there are a number of reasons why risk management can become ineffective. This video explains a few of them.
Project managers can get ahead of their risks by thinking differently. Rather than focusing on past performance only, they should consider how they can anticipate future threats and opportunities. Key risk indicators (KRIs) are needed. While KPIs and KRIs are used mostly in operational and enterprise risk management, these measures can also help project managers.
Organizations need to develop and maintain disaster recovery or business continuity plans. Internal audit can support business continuity by helping the C-suite understand risks, as well as the options created by effective business continuity management (BCM). Good BCM enables organizations to overcome work stoppages as quickly as possible while maintaining recovery capabilities, restoring resources, managing supplies, and aligning with emergency management processes.
In this post, Norman Marks argues that many boards (or a committee of the board) should take periodic deep dives into: 1) How the management team identifies, understands, assesses and addresses risks to enterprise objectives, and 2) How that same management team addresses specific sources of risk.
Many boards fail to understand the difference between their company’s risk appetite and risk tolerance. Boards must clearly articulate their company’s risk appetite in order for risk managers to do their jobs, according to one of Australia’s risk management veterans.
Strengthening compliance across a retail organization—from the farthest reaches of local stores and supply chain partners to the corporate offices and, ultimately, the board—calls for a new approach to enterprise compliance for many retailers. This article discusses the benefits of an enterprise compliance program for retail organizations.
Visit Enablon Insights a month from now to learn more about what caught our attention in Risk and GRC!