First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

enterprise risk management

Are you managing risk or are you managing the organization?

Stop managing risk – manage the business. Stop talking about accepting or managing risk and start talking about taking the right risks through informed and intelligent decisions.

 

, , , , ,

The essential competencies of an effective risk officer

I recently sparred gently with a good friend, a respected and influential risk practitioner and thought leader, about the key competencies necessary for a risk officer to be effective. He listed several competencies for effectiveness, saying that “without these competencies risk managers are useless to the business”.

 

, , , , , ,

Is it about managing risk?

Managing risk absent the context of your objectives leads you to manage what may be irrelevant and miss what may be crucial.

 

, , , ,

Should you adopt the updated COSO ERM Framework? My assessment

It has been 13 years since the original COSO ERM Framework and eight years since ISO 31000:2009 was published. The updated COSO ERM Framework was an opportunity for COSO to “leap forward”. But did it?

 

, , , , , , , ,

Is the COSO ERM update a success or failure?

Recently, COSO published an update to their 2004 ERM Framework. The product, retitled Enterprise Risk Management: Integrating with Strategy and Performance, is available from the AICPA or IIA.

 

, , , , ,

Views on the future of risk management

James Lam has an impressive resume: Chief Risk Officer for major financial institutions, author of a respected book on ERM, consultant, and board member. Recently, he wrote a white paper that is available through RIMS or Workiva, Next Frontier: Performance-Based Continuous ERM. I think it is fair to say that James and I agree on many points but disagree on others.

 

, , , , ,