accepting risk

Alternative Methods to Clarifying Risks and Opportunities

Have you ever asked 10 people the same question and received 10 different answers? It may seem funny in hindsight or on your favorite sitcom, but I can attest personally that it can be incredibly frustrating. In a previous article outlining the elements of a clearly articulated risk statement, I discussed how not having a…
Read More

3 Components of an Effective Risk Statement

Have you ever been given an assignment at work without clear instructions? It can be dizzying to try and figure out what your first steps to be. At best, it’s disconcerting not knowing if you’re on the right track, and at worst, you don’t even know what your desired end result should be or look…
Read More

Another Baby Step in the Qualitative to Quantitative Risk Assessment Journey

To achieve success either as individuals or collectively as a group, we must resist the temptation to be stagnant and always seek improvement. A previous article where I discuss how to develop a growth mindset is one example of putting this idea into action. Kaizen, a Japanese term that literally translates to “continuous improvement,” is…
Read More

Risk Appetite and Risk Tolerance – Which Definitions Do You Use?

In follow up to our recent article on handling risks that exceed the company’s appetite, we would like to share this perspective from our friend Hans Læssøe on this complex and controversial topic. Hans’ article below describes how the world’s leading risk management standards, COSO and ISO 31000, have differing definitions on risk appetite and…
Read More

Finding the Right Talent for Understanding Uncertainty

I don’t particularly like discussing the coronavirus pandemic; it seems like the topic is pretty worn out, but for organizations of all types and sizes, the pandemic and governments’ response to it over the last year blew the lid of uncertainty wide open. Now it’s not that 2020 ushered in the age of uncertainty –…
Read More
technology risk

Is Technology Risk Bigger Than “Cyber” Risk?

It’s not an earth-shattering thing to say that news of hacks, data breaches, and other technology hiccups has grown exponentially in recent years. Between January and September 2019, 7.9 billion records were exposed, marking a 33% increase from the same period in 2018. A few of last year’s data breaches include: An error in pharmacy…
Read More
ERM & audit

Understanding the Changing Dynamics between ERM & Audit

As is often repeated here and elsewhere, the world is changing at an incredibly fast pace. Even without this year’s coronavirus pandemic, this pace will only accelerate in the years and decades ahead as automation, AI, machine learning, and other technologies continue to develop. ERM and audit are not immune to this change… Internal auditors…
Read More

What to Do When Risks are Unavoidable

As is often repeated on this blog and elsewhere, the focus of risk management should not be minimizing harm to the organization but achieving objectives and maximizing success. No company can (…or should) try to avoid all risks. Taking this route can be disastrous, especially in today’s world. When developing strategy, hopefully your organization is…
Read More
Menu