risk assessment

Can We Trust the Experts during Risk Assessments?

The nature of being a risk manager requires us to engage extensively with subject-matter experts (SMEs) to understand concepts, processes, and risks. We use this information to understand how the SMEs’ activities fit into the bigger picture of the organization. Without their input, it’s almost impossible to determine the appropriate risk response unless you have…
Read More

3 Steps to Handling Risks that Exceed your Company’s Appetite

As I and others repeat often, it is impossible to manage every risk. Doing so is counterproductive and leads to even more problems than it solves, including preventing your organization from achieving its goals and objectives. Here is the truth: life is about choices and resources (time, financial, etc.) are scarce. Risks are no different.…
Read More
signpost analysis

Signpost Analysis – An Easy Way to Anticipate Long-Term Risks

With information and other demands for our attention bombarding us each day, it can be hard to think about the long-term. As a growing number of examples show, ignoring long-term risks to strategic objectives can be devastating, especially considering the world of Volatility, Uncertainty, Complexity, and Ambiguity (VUCA) we find ourselves in. While discussing the…
Read More
ERM standards

Making Sense of ERM Standards in a Volatile and Dynamic Environment

When we are new to something, our natural tendency is to seek out well-established, reputable sources for guidance. As a yummy example, once upon a time, I decided I wanted to make my own homemade chocolate chip cookies. My first step was to refer to the recipe on the back of the bag of Nestle-brand…
Read More
risk owners

3 Steps to Ensuring Risk Owners Ultimately Fulfill Their Obligations

It’s all too common…we ask someone to help with something just to be disappointed later. It’s frustrating…believe me I know. When it comes to managing risks and opportunities, we assign an “owner” to manage the day-to-day and ensure someone is responsible for the risk (and oversee the mitigation activities). As I discuss in this article…
Read More

Why Do Most Organizations Avoid Quantitative Risk Assessment?

No ERM process that is effective at helping a company understand threats and opportunities to achieving objectives is going to just create a list of risks. While that may be sufficient for a regulator, it means absolutely nothing for helping executives run the organization better. After identification, companies then take the vital step of assessing…
Read More

Are Qualitative Risk Assessments Fatally Flawed?

Early last month, I published an article explaining why I don’t discuss quantitative assessment methods like modeling, Monte Carlo simulation, and others very much and what companies must have in place before they can use methods like this to guide their decision making and strategic planning. In short, without establishing corporate governance policies, a strategic…
Read More
quantitative

Quantitative Risk Analysis: What Companies Must Have First

The goal of my blog has been and will always be to distill ERM concepts into actionable insights for anyone interested or who is tasked with risk management in their organization. If you browse around, you will find that I discuss qualitative risk analysis methods like scenario planning, root cause analysis, and just plain old…
Read More
Menu