First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

risk management

A management risk committee

A question from a follower of this blog on the same topic, had me searching for the charter of the risk committee I established, with the strong support of the CEO, at Business Objects.

 

, ,

Damage control: Two recent decisions show the benefits and pitfalls of proactive risk management in products claims

Two recent Ontario decisions shed light on the conflicting consequences of a manufacturer’s attempts at risk mitigation when their product is defective.

 

, , , , , ,

Transforming risk management in 2019 and beyond

The consideration of risk is integrated into the setting and then the execution of strategies through daily decisions.

 

, ,

Stop managing and start taking risk

Success in business is taking the right level of the right risks. It all comes down to helping leaders make informed and intelligent decisions.

 

, , , , ,

The basics of risk management

I want to congratulate David Hillson (a.k.a. the Risk Doctor) for his video explaining his view of risk management basics. In Risk management basics: What exactly is it?, he takes less than five minutes to sum up risk management with six questions:

 

, , ,

Talking about risk and opportunity

Some talk about opportunity as “the other side of the coin” from risk. COSO views the two words, risk and opportunity, as one is good and the other is bad. ISO seems them differently, defining risk as the effect on objectives. That effect could be positive or harmful.

 

, ,

SEC investigates cyber-related frauds

On October 16th, the US Securities and Exchange Commission published Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934 Regarding Certain Cyber-Related Frauds Perpetrated Against Public Companies and Related Internal Accounting Controls Requirements.

 

, , , , ,

Treating cyber as a business problem

Cyber risk can only be communicated to leadership in a way that is meaningful and actionable, enabling them to make informed and intelligent decisions, if it is done using business language.

 

, , , ,

Uniting risk management with strategic planning

Who can argue that the consideration of what might happen (what some refer to as risk) should be part of the strategic planning process? Objectives and strategies should be set only after thinking carefully about where you are, what is happening around you, and what may happen in the future.

 

, ,

We’re at a tipping point for third-party risk management

If indeed creating a culture of ethics, integrity and respect is the top objective of more than two-thirds of organizations, we could start seeing the results very soon when it comes to a new wave of investing in third-party systems.

 

, , ,

Emerging risks: who is watching?

Who should be alert and watching for emerging risks: things that might happen (a better expression than the ‘R’ word, ‘risk’, because of its negative impression) that might affect the achievement of enterprise objectives?

 

, ,

The role of internal audit in risk management

If we are stressing that risk management is really all about effective, informed and intelligent decision-making, shouldn’t internal audit start focusing on the quality of decision-making processes?

 

, , ,

New COSO ERM Guidance for ESG

It is essential to provide leaders with actionable information. Simply rating a risk as high or valuing it at $250,000 is meaningless. Leaders need to be able to make decisions between addressing one risk vs another, and going forward with a project given all the uncertainties related to its success. For that they need clear, detailed information, not a simple risk rating.

 

, , ,

Is your ERM program as useful as a GPS?

An ERM program. like a GPS, helps with making informed and (hopefully) intelligent decisions so that objectives can be reached safely and on time.

 

, , ,

Why do we need risk management?

Risk management is about helping an organization achieve its objectives in the face of uncertainty.

 

, ,

Previous Posts