First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

risk management

CEOs are not idiots when it comes to risk management

If you consider the small number of organizations where risk management is considered as providing a strategic advantage, one of these alternatives must be true:

 

, , , ,

If risk management is the answer, what is the question?

We need to stop coming up with new words and phrases when all we need to address is the effectiveness of management. So stop talking about ERM, IRM, or even objective assurance, and start thinking about how to obtain reasonable assurance that the management of the organization, including how it sets objectives and makes related execution decisions, is effective.

 

, , , , , , ,

Understanding the challenges in risk management

My good friend, Michael Rasmussen, has written what I consider a special blog post on the topic of Challenges in Risk Management.

 

, , ,

Time (again and still) for the IIA Standards to be correct

Internal audit can assist management by facilitating a fraud risk assessment. Management should make the decision both on the level of risk and whether it is acceptable. Internal audit can provide their opinion and advice on both.

 

, , , , , , , , ,

A board that would fail any test of its governance practices

I am planning a meeting with the CRO from a company during which I had planned to share some of the principles of effective risk management, based on what is considered world-class, and the governance of risk management by the board.

 

, , , , , , ,

The accountants’ role in risk management

The International Federation of Accountants (IFAC) has published an interesting and useful piece, Enabling the Accountant’s Role in Effective Enterprise Risk Management.

 

, , , , , ,

The effective practitioner in action

Competition law

A risk practitioner can assist in a number of ways, including helping management use comparable methods and tools to assess both upside and downside potential consequences in a way that they can be compared.

 

, , , , ,

Beyond due diligence: Ongoing third party risk management

There is something in a name. More people in the compliance industry, when referring to third-party due diligence, are labeling it “Third Party Risk Management.” I like it because it is more accurate.

 

, , , , , ,

Assessing the effectiveness of your risk management program

The IIA has published a new Practice Guide, Assessing the Risk Management Process. In IIA-speak, this is recommended but not mandatory guidance for its members.

 

, , ,

A management risk committee

A question from a follower of this blog on the same topic, had me searching for the charter of the risk committee I established, with the strong support of the CEO, at Business Objects.

 

, ,

Damage control: Two recent decisions show the benefits and pitfalls of proactive risk management in products claims

Two recent Ontario decisions shed light on the conflicting consequences of a manufacturer’s attempts at risk mitigation when their product is defective.

 

, , , , , ,

Transforming risk management in 2019 and beyond

The consideration of risk is integrated into the setting and then the execution of strategies through daily decisions.

 

, ,

Stop managing and start taking risk

Success in business is taking the right level of the right risks. It all comes down to helping leaders make informed and intelligent decisions.

 

, , , , ,

The basics of risk management

I want to congratulate David Hillson (a.k.a. the Risk Doctor) for his video explaining his view of risk management basics. In Risk management basics: What exactly is it?, he takes less than five minutes to sum up risk management with six questions:

 

, , ,

Talking about risk and opportunity

Some talk about opportunity as “the other side of the coin” from risk. COSO views the two words, risk and opportunity, as one is good and the other is bad. ISO seems them differently, defining risk as the effect on objectives. That effect could be positive or harmful.

 

, ,

Previous Posts