risk oversight

ERM Strategic Planning: Ensuring Long-Term Company Needs are Met

With summer officially underway and the 4th of July holiday closing in, hopefully you’re getting some well-deserved time to step away. Besides some vacation time, this lull before strategic planning resumes sometime in the early fall is also a great time to pause and reflect on the contributions of your company’s ERM program – past,…

Avoid the Gotcha Reputation with Executives by Using One Simple Step

In case you don’t know or can’t tell, I love speaking with and learning from others to understand their challenges as it can reveal what others are likely facing. And a recent conversation with a newly appointed head of audit revealed a challenge that I felt important to pass along. You’ve heard me say over…

One Fatal Error of KRIs and How to Avoid It

If you were to ask what constitutes a well-rounded, mature ERM program that delivers strategic value to the organization, many would say robust key risk indicators (KRIs) would certainly be at or near the top of the list. Writing in the book Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives, Deloitte…

5 Simple Questions for Assessing the Effectiveness of ERM Processes

It’s hard to believe that we’re nearing the end of 2021! Whether it’s improving health, changing eating habits, or some other goal, the New Year always represents a great opportunity for a fresh start. A company’s ERM processes are no different… The end of the year represents an ideal time to take a step back…

What Risk Ownership Is and Isn’t

In a previous article on assigning a risk owner, I discuss how designating someone to be accountable for a risk is important for ensuring that it does not fall through the cracks and that an appropriate response is developed and acted upon in a timely manner. The article provides a high-level overview of when a…

Risk & Compliance Conference Session Provides Deep-Dive into Third-Party Risks

Risk management isn’t solely about managing threats and opportunities within your company. Just like it would be impossible for us to grow food, provide clothing, shelter, and other necessities all on our own, the same fact is true for a company. It would be impossible to provide every raw material or handle every service in-house.…

3 Factors to Consider Before Escalating Risk Issues to the Board

After beginning as a requirement for financial firms, active Board oversight of risk management has increasingly become an expectation, even a necessity, for all types of organizations over the last 20 years. The annual State of Risk Oversight report from North Carolina State University corroborates this. According to their survey, a high number of Boards,…

5 Tips to Making Board Risk Reports Meaningful Tools for Decision-Making

The year is flying by as we’re well into the second quarter already. Q1 board risk reports should be done, assuming your company prepares one quarterly, and you are likely getting ready to prepare a midyear update. As I discuss in The Ultimate Primer for Effective Risk Reporting, board risk reports serve a dual purpose……

3 Questions to Consider if Management Rejects Recommendations Due to Cost

Occasionally, I examine local or national events with a risk lens to see what went right and wrong, such as this example of poor vendor risk management in my local community. Doing so can help us better understand areas we may need to improve in our own organizations to avoid similar consequences. Quick Synopsis of…

An Easier Way to Understand the Effectiveness of Risk Controls

KRIs, KPIs, ORSA, ISO, COSO…risk controls, risk owners, risk appetite. The acronyms, the alphabet soup, oh my! To anyone with little to no experience, risk management jargon can be dizzying and confusing, especially to executives who are often deluged with risk registers, reports, and processes that are overwhelming and not helpful for managing the organization…

risk oversight

Get our latest blogs directly in your inbox!

Popular Post this Month