Carol Williams, Author at Carol Williams

80 posts, 37

https://www.erminsightsbycarol.com

The Ultimate Primer for Effective Risk Reporting

A mechanism for ensuring leadership, business managers, and other stakeholders make risk-informed decisions and fulfill oversight duties At the end of the day, the ERM process should be regarded as a cycle or feedback loop…meaning, there’s never a definitive end point. It’s like the four seasons of the year – there’s never an end point,…

ERM Implementation: What Risk Professionals Consider the #1 Challenge To Be

Podcast: Play in new window | DownloadI recently asked of fellow risk professionals “what is your single biggest challenge when it comes to ERM implementation?” What do you think the answers were? Maybe figuring out how to assess risks? Maybe integrating with strategy? Or aggregation of risks? Nope. Tone at the top! Yes, the executives…

When Organizational Culture Fails….

Podcast: Play in new window | DownloadA recent Business Insider article on Uber’s self-driving car incident goes in-depth into the culture of the company. Uber has been going through changes for over a year, beginning with the CEO being fired in 2017 amid charges of sexual harassment claims throughout the company. Uber has been focused…

Risk Reduction – A Response Strategy for Decreasing the Impact of Potential Risk Events

Podcast: Play in new window | DownloadIf the popularity of my article from early 2017 outlining risk response strategies is any indication, organizations spend a lot of time thinking about the best way to address a particular risk. This popularity is the reason why I want to give risk professionals a more thorough understanding of…

Explaining the Why of Enterprise Risk Management

During the North Carolina State University’s ERM Roundtable Summit this fall, one of the topics of conversation focused on how to involve more people from across the organization in ERM. During this discussion, we were all asked, “how many of you have talked extensively about ‘what ERM is’ and explained ‘we are conducting surveys, interviews,…

Traditional vs. ERM – Going Beyond Managing Risks One at a Time

When I first began my blog, the first big topic I explored was the difference between traditional and enterprise risk management. In the traditional vs. ERM article (one of the most popular articles of all time), I outlined eight ways that separate each of these concepts. Today, I want to dive a bit deeper on…

Practicing ERM without a Formal ERM Program

Many of the ERM resources you encounter on my blog and elsewhere focus on elements of a formal program like developing a framework, establishing risk appetite, and more. We imply, at least indirectly, that your organization must have this formal structure in place before practicing ERM. However, this isn’t always the case… Double-take – why…

Why Assigning a Risk Owner is Important and How to Do It Right

Falling in the middle of the risk management cycle (after developing risk appetite and tolerance and identifying, but before assessing and analyzing risks), the organization then must identify who will “own” or be responsible for a particular risk. Although the exact definition of what a risk owner is will vary depending on the organization, it…

Lessons in Personal Risk Tolerance – Hurricane Michael Edition

The second article I ever wrote on this blog was on the local impact of Hurricane Hermine in 2016. And now, Tallahassee and the Florida Panhandle region is once again recovering from another hurricane, this one Hurricane Michael. Hurricane Michael reached Category 4 (winds of 130-155 mph or 209-251 km/h) shortly before landfall, making it…

Traditional vs. ERM – Elevating Risk Management from the Business Unit to the Whole Enterprise

One of my most popular articles discusses the differences between traditional risk management and ERM, with one of the core differences being the approach to risk. Traditional risk management occurs within a singular business unit – it is departmentalized or occurs in what’s called a “silo” or “stove pipe.” The IT Director or Chief Technology…

Posts by Carol Williams