
COSO ERM Framework – Background & Overview

The COSO ERM framework is one of two widely accepted risk management standards organizations use to help manage risks in an increasingly turbulent, unpredictable business landscape. We previously discussed the background and a general overview of the other commonly used ERM framework, ISO 31000. COSO, which is short for the Committee of Sponsoring Organizations of…

The ISO 31000 ERM Standard – Background & Overview

Since its inception, ISO 31000 has become a widely accepted standard for enterprise risk management by private corporations, government bodies, and nonprofit organizations throughout the world. Although the ISO standard has only been around for 10 years, its origins date back to 1995 when the AS/NZS 4360 standard from Australia and New Zealand was first…

Top 19 Risk Management Resources for 2019

This time last year, I wrote a well-received article providing my favorite 18 risk management resources. Well, it is time to provide a new list of 19 resources as you start making progress towards achieving your 2019 goals for risk management. Over the recent months, I have really focused on expanding my skills outside of…

The Ultimate Primer for Effective Risk Reporting

A mechanism for ensuring leadership, business managers, and other stakeholders make risk-informed decisions and fulfill oversight duties. At the end of the day, the ERM process should be regarded as a cycle or feedback loop…meaning, there’s never a definitive end point. It’s like the four seasons of the year – there’s never an end point,…

ERM Implementation: What Risk Professionals Consider the #1 Challenge To Be

I recently asked of fellow risk professionals, “What is your single biggest challenge when it comes to ERM implementation?” What do you think the answers were? Maybe figuring out how to assess risks? Maybe integrating with strategy? Or aggregation of risks? Nope. Tone at the top! Yes, the executives…

Explaining the Why of Enterprise Risk Management

During the North Carolina State University’s ERM Roundtable Summit this fall, one of the topics of conversation focused on how to involve more people from across the organization in ERM. During this discussion, we were all asked, “how many of you have talked extensively about ‘what ERM is’ and explained ‘we are conducting surveys, interviews,…

Practicing ERM without a Formal ERM Program

Many of the ERM resources you encounter on my blog and elsewhere focus on elements of a formal program like developing a framework, establishing risk appetite, and more. We imply, at least indirectly, that your organization must have this formal structure in place before practicing ERM. However, this isn’t always the case… Double-take – why…

Why Assigning a Risk Owner is Important and How to Do It Right

Falling in the middle of the risk management cycle (after developing risk appetite and tolerance and identifying, but before assessing and analyzing risks), the organization then must identify who will “own” or be responsible for a particular risk. Although the exact definition of what a risk owner is will vary depending on the organization, it…

A 5-Minute Primer on Factoring ERM into Credit Ratings for Insurance Companies

An article we published in mid-2017 gave an introduction to how credit rating agencies are factoring ERM into their ratings. For most organizations, the evaluation of ERM is simply folded into the overall review of the firm’s management and governance. Additional research and other resources (see here and here) shared with me since the original…