risk appetite

7 Questions for Understanding the Fundamentals of Risk Appetite

The concept of risk appetite is probably the most confusing and controversial part of the enterprise risk management process. If you do a search for risk appetite, you will find a wide variety of perspectives on how to develop and use it. While there may be an implied risk appetite or a generic statement on…
Read More
risk owner

Why Assigning a Risk Owner is Important and How to Do It Right

Falling in the middle of the risk management cycle (after developing risk appetite and tolerance and identifying, but before assessing and analyzing risks), the organization then must identify who will “own” or be responsible for a particular risk. Although the exact definition of what a risk owner is will vary depending on the organization, it…
Read More
personal risk

Lessons in Personal Risk Tolerance – Hurricane Michael Edition

The second article I ever wrote on this blog was on the local impact of Hurricane Hermine in 2016. And now, Tallahassee and the Florida Panhandle region is once again recovering from another hurricane, this one Hurricane Michael. Hurricane Michael reached Category 4 (winds of 130-155 mph or 209-251 km/h) shortly before landfall, making it…
Read More
risk acceptance

One Tool for Informed and Responsible Risk Acceptance

As part of your daily life, you drive a car, walk down the street, ride in elevators, go swimming, have children. Correct? You live your life. Well, you are accepting risk in all of those things. In fact, having a home or renting an apartment also entails risk…fire, wind damage, snow or ice, tornado, earthquake,…
Read More
operational risk management

Integrating Strategic Risk Management and Operational Risk Management

Most organizations, if not all, have some level of operational risk management. Some organizations are focused on operational risk related to safety or contract oversight of vendors for example. But a common view of operational risk management is slightly broader by examining risks associated with the actual daily operations of the organization. Examples include understanding…
Read More

Top 5 ERM Insights Posts You Need to Read Today

It’s hard to believe it’s been close to 9 months since I launched the ERM Insights by Carol blog. I hope you’ve been enjoying the content as much as I’ve enjoyed putting it out there. If this is your first time visiting the blog, welcome! I also want to say thank you to all of…
Read More

How to Use Risk Appetite and Risk Tolerance to Guide Decisions

The goal of risk management, especially enterprise risk management (ERM), is to provide management (and the entire company) with valuable insights for risk-informed decision-making.  But day in and day out, decisions are being made that don’t reflect what is voiced in the risk appetite statement approved by executives. Growth is being stifled, and the company…
Read More
Menu