risk culture Archives - Carol Williams

7 Questions for Understanding the Fundamentals of Risk Appetite

The concept of risk appetite is probably the most confusing and controversial part of the enterprise risk management process. If you do a search for risk appetite, you will find a wide variety of perspectives on how to develop and use it. While there may be an implied risk appetite or a generic statement on…

Disjointed vs. Embedding in Culture and Mindset – A Key Difference Between Traditional Risk Management and ERM

One of the big differences between traditional risk management and ERM is the role risk plays in the organization. I briefly discussed this point at a high-level in my popular article linked above. And while the point of disjointed vs. embedded in culture and mindset is connected to other differences mentioned in the article, the…

ERM Implementation: What Risk Professionals Consider the #1 Challenge To Be

Podcast: Play in new window | DownloadI recently asked of fellow risk professionals “what is your single biggest challenge when it comes to ERM implementation?” What do you think the answers were? Maybe figuring out how to assess risks? Maybe integrating with strategy? Or aggregation of risks? Nope. Tone at the top! Yes, the executives…

When Organizational Culture Fails….

Podcast: Play in new window | DownloadA recent Business Insider article on Uber’s self-driving car incident goes in-depth into the culture of the company. Uber has been going through changes for over a year, beginning with the CEO being fired in 2017 amid charges of sexual harassment claims throughout the company. Uber has been focused…

Explaining the Why of Enterprise Risk Management

During the North Carolina State University’s ERM Roundtable Summit this fall, one of the topics of conversation focused on how to involve more people from across the organization in ERM. During this discussion, we were all asked, “how many of you have talked extensively about ‘what ERM is’ and explained ‘we are conducting surveys, interviews,…

Four Ways to Strengthen Risk Literacy in Your Organization

Math is not my strong suit. I feel more at ease at the keyboard, weaving words together. That’s not to say I’m terrible at math. In fact, I passed a rigorous calculus course in high school, and I actually enjoyed business statistics. But those days are in the distant past, and I rarely have occasion…

Relationships: A Common but Fatal Mistake of Risk Management

The majority of articles on my blog focus on the process side of enterprise risk management. I’ve discussed at great length subjects like setting up an ERM program, risk identification, risk assessment, and more. However, the process and technical skills is only part of what goes into a successful, value-enhancing ERM program. If you’re like…

3 Ways to Avoid the Check-the-Box Trap in Risk Review

In both my experience and according to a white paper from PwC, a common ERM challenge is how an annual risk review becomes a check-the-box activity. It shouldn’t be this way… Regardless of the reasons, everyone from executives all the way down to entry-level managers and employees have enough “bureaucratic” burdens as it is. An…

Was Organizational Culture the Key Driver in the Collapse of a Major Company?

A large (~5£ billion) publicly traded construction company, Carillion, collapsed earlier this year after months of ignored financial warnings. In fact, because of the size of the organization and how this all went down, the UK Parliament conducted an in-depth investigation into the collapse. The report of the Parliament investigation is quite interesting. It starts…

The Ultimate Guide to Being a Team Player or Not During Meetings

Every new year ushers in a season of planning and activity, and that translates more meetings. We have two choices: make the most of them and add value OR be a total pain in the neck to everyone else. For those of you who think meetings are a waste of time, we’ve compiled a list…