risk oversight

ERM Strategic Planning: Ensuring Long-Term Company Needs are Met

With summer officially underway and the 4th of July holiday closing in, hopefully you’re getting some well-deserved time to step away. Besides some vacation time, this lull before strategic planning resumes sometime in the early fall is also a great time to pause and reflect on the contributions of your company’s ERM program – past,…
Read More

Avoid the Gotcha Reputation with Executives by Using One Simple Step

In case you don’t know or can’t tell, I love speaking with and learning from others to understand their challenges as it can reveal what others are likely facing. And a recent conversation with a newly appointed head of audit revealed a challenge that I felt important to pass along. You’ve heard me say over…
Read More

One Fatal Error of KRIs and How to Avoid It

If you were to ask what constitutes a well-rounded, mature ERM program that delivers strategic value to the organization, many would say robust key risk indicators (KRIs) would certainly be at or near the top of the list. Writing in the book Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives, Deloitte…
Read More

5 Simple Questions for Assessing the Effectiveness of ERM Processes

It’s hard to believe that we’re nearing the end of 2021! Whether it’s improving health, changing eating habits, or some other goal, the New Year always represents a great opportunity for a fresh start. A company’s ERM processes are no different… The end of the year represents an ideal time to take a step back…
Read More

What Risk Ownership Is and Isn’t

In a previous article on assigning a risk owner, I discuss how designating someone to be accountable for a risk is important for ensuring that it does not fall through the cracks and that an appropriate response is developed and acted upon in a timely manner. The article provides a high-level overview of when a…
Read More

3 Factors to Consider Before Escalating Risk Issues to the Board

After beginning as a requirement for financial firms, active Board oversight of risk management has increasingly become an expectation, even a necessity, for all types of organizations over the last 20 years. The annual State of Risk Oversight report from North Carolina State University corroborates this. According to their survey, a high number of Boards,…
Read More

5 Tips to Making Board Risk Reports Meaningful Tools for Decision-Making

The year is flying by as we’re well into the second quarter already. Q1 board risk reports should be done, assuming your company prepares one quarterly, and you are likely getting ready to prepare a midyear update. As I discuss in The Ultimate Primer for Effective Risk Reporting, board risk reports serve a dual purpose……
Read More
risk controls

An Easier Way to Understand the Effectiveness of Risk Controls

KRIs, KPIs, ORSA, ISO, COSO…risk controls, risk owners, risk appetite. The acronyms, the alphabet soup, oh my! To anyone with little to no experience, risk management jargon can be dizzying and confusing, especially to executives who are often deluged with risk registers, reports, and processes that are overwhelming and not helpful for managing the organization…
Read More