risk oversight

3 Questions to Consider if Management Rejects Recommendations Due to Cost

Occasionally, I examine local or national events with a risk lens to see what went right and wrong, such as this example of poor vendor risk management in my local community. Doing so can help us better understand areas we may need to improve in our own organizations to avoid similar consequences. Quick Synopsis of…

An Easier Way to Understand the Effectiveness of Risk Controls

KRIs, KPIs, ORSA, ISO, COSO…risk controls, risk owners, risk appetite. The acronyms, the alphabet soup, oh my! To anyone with little to no experience, risk management jargon can be dizzying and confusing, especially to executives who are often deluged with risk registers, reports, and processes that are overwhelming and not helpful for managing the organization…

Avoid the Scramble: Proactively Plan for Changes in Risk Owner

Wouldn’t it be nice if a risk simply went away when the risk owner left the organization or changed roles? Okay, now wake up from that dream…this doesn’t happen in real life. As a previous article on assigning a risk owner explains, the ERM unit does not actually manage risks. Instead individual(s) who are close…

Quantitative Risk Analysis: What Companies Must Have First

The goal of my blog has been and will always be to distill ERM concepts into actionable insights for anyone interested or who is tasked with risk management in their organization. If you browse around, you will find that I discuss qualitative risk analysis methods like scenario planning, root cause analysis, and just plain old…

Questions for Gauging the Value of your Organization’s Risk & Performance Management

Podcast: Play in new window | DownloadAlthough there can be an infinite number of reasons for an organization to evaluate its risk and performance management, two main reasons that apply across-the-board include: You need to understand where your organization stands in order to plan where it should go. Executives want to know if what’s in…

One Scarcely Mentioned Way Social Media Can Damage an Organization’s Reputation (…and how to address it)

Now that we’re over a decade from when the first IPhone hit the market in 2007, it’s becoming clear the impact social media can have on an organization’s reputation. Generally speaking, reputation is more significant in today’s world in large part due to the lightning speed at which news can spread. To illustrate the growing…

Organizations Across-the-Board Report Increasing Risk Volume and Complexity

In my first post analyzing NC State’s latest State of Risk Oversight report, we discussed how more organizations are designating a Chief Risk Officer. In this post, I want to take some time to discuss another significant observation from this year’s survey – the volume and complexity of risk. The ERM Initiative in partnership with…

Chief Risk Officer: An Increasingly Vital Role in Effective Risk Oversight

The 2019 State of Risk Oversight report from NC State recently came out with some interesting results about the current state of risk management leadership in organizations. The report breaks down results into four different industry-categories – large organizations, public companies, financial institutions, and not-for-profit. Over the last five years, nonprofits have seen the biggest…

The Board’s Role in Risk Oversight and Why It’s Important

A majority of articles here on the blog focus on the process of ERM for anyone involved in their organization’s strategy-setting and day-to-day operations. While learning about processes like risk identification, assessment, and reporting is important, there are other risk-related activities in the organization that are equally important, namely the oversight of risk by the…

Why Assigning a Risk Owner is Important and How to Do It Right

Falling in the middle of the risk management cycle (after developing risk appetite and tolerance and identifying, but before assessing and analyzing risks), the organization then must identify who will “own” or be responsible for a particular risk. Although the exact definition of what a risk owner is will vary depending on the organization, it…

risk oversight

Get our latest blogs directly in your inbox!

Popular Post this Month