ERM governance

risk reporting

The Ultimate Primer for Effective Risk Reporting

A mechanism for ensuring leadership, business managers, and other stakeholders make risk-informed decisions and fulfill oversight duties At the end of the day, the ERM process should be regarded as a cycle or feedback loop…meaning, there’s never a definitive end point. It’s like the four seasons of the year – there’s never an end point,…
Read More

ERM Implementation: What Risk Professionals Consider the #1 Challenge To Be

Podcast: Play in new window | DownloadI recently asked of fellow risk professionals, “What is your single biggest challenge when it comes to ERM implementation?” What do you think the answers were? Maybe figuring out how to assess risks? Maybe integrating with strategy? Or aggregation of risks? Nope. Tone at the top! Yes, the executives…
Read More

Practicing ERM without a Formal ERM Program

Many of the ERM resources you encounter on my blog and elsewhere focus on elements of a formal program like developing a framework, establishing risk appetite, and more. We imply, at least indirectly, that your organization must have this formal structure in place before practicing ERM. However, this isn’t always the case… Double-take – why…
Read More
implementing ERM

The Hazards of Implementing ERM without a Plan

I cannot tell you how many times someone has asked me questions about random parts of an ERM program. The discussions range from basic concepts all the way to advanced topics. What is prompting the jumping between topics? It is typically these two things: Someone looked up ERM and saw some aspects, which looked really…
Read More
ERM infrastructure

3 Key Infrastructure Elements for a Successful ERM Program

NC State’s ERM Initiative recently released their 2018 report on the State of Risk Oversight, which is very useful to see the progress (…or not) being made by organizations with enterprise risk management. One of the sections in this year’s report studies the infrastructure of an ERM program, specifically a designated leader of risk, management-level…
Read More
ERM on a budget

ERM on a Budget: It is Possible! – 7 Key Considerations

When I started my consulting firm in August 2016, I knew I wanted to help organizations perform better by using enterprise risk management (ERM) instead of just traditional risk management. After all, I know how well ERM can work when done right and how much the organization can benefit from it. But as a start-up,…
Read More

3 Ways to Mature your ERM Program and Why They’re All Bad

In a nutshell, ERM can be a powerful tool for ensuring executives are making risk-informed decisions and limited resources are being used in the most efficient manner. Unfortunately, this isn’t something you can simply wish for and it’s done. Getting an ERM program to this point requires time and LOTS of patience and diligence. There’s…
Read More
erm resources

5 Simple Steps to Free Up In-house ERM Resources

Odds are you have more risks to manage this year, but not enough resources to do it sufficiently. In fact, here are a few startling statistics from NC State’s 2017 report, The State of Risk Oversight: An Overview of Enterprise Risk Management Processes:  70% of large organizations interviewed believe the volume and complexity of risks…
Read More

ERM and Internal Audit: The Right Relationship

There is much discussion and debate about how Internal Audit and Enterprise Risk Management (ERM) should be connected. Some say ERM can be embedded within the internal audit group. I don’t fall in this group. Internal audit standards say that internal auditors should be objective and not unduly influenced. In other words, independent. I have…
Read More

Top 5 ERM Insights Posts You Need to Read Today

It’s hard to believe it’s been close to 9 months since I launched the ERM Insights by Carol blog. I hope you’ve been enjoying the content as much as I’ve enjoyed putting it out there. If this is your first time visiting the blog, welcome! I also want to say thank you to all of…
Read More