Operations
5 Steps to Shifting Board Oversight from Operations and Risk to Strategy
Contrary to popular belief, a Board of Directors, Trustees, or whatever title fits the corporate culture are not only for publicly traded companies. Simply referred to as the Board by most, it can be defined broadly as “…a group of individuals either elected or appointed to provide organizational leadership and oversight.” Following the Enron scandal…
Read More Navigating Risks and Opportunities of the Changing Nature of Work
When the COVID pandemic forced many companies to shift to a remote work arrangement last year, it represented “…one of the greatest disruptions to work in generations.” This disruption forced both executives and workers to be more innovative, with companies spending over $300 billion last year on technology to facilitate working from home. The transition…
Read More Taking a Growth Pause: Preparing for Long-Term Success
For this week’s post, I would like to share a guest article published in Carrier Management, a quarterly journal targeting P&C insurance executives. Like previous guest editorials, this article was written with a specific industry in mind, but the contents are applicable to any organization. When a company is in its infancy, the main focus…
Read More How to Ensure Risks to Initiatives are Being Considered Alongside Objectives
A reader sent me a question about identifying risks to initiatives… More specifically, the reader wanted to know how she could ensure that risk identification focused on objectives doesn’t lose sight of risks that may be associated with initiatives. Before going any further, I want to provide a couple of quick definitions: Objectives – a…
Read More ERM Implementation: What Risk Professionals Consider the #1 Challenge To Be
I recently asked of fellow risk professionals, “What is your single biggest challenge when it comes to ERM implementation?” What do you think the answers were? Maybe figuring out how to assess risks? Maybe integrating with strategy? Or aggregation of risks? Nope. Tone at the top! Yes, the executives and how they convey their thoughts…
Read More Lessons in Personal Risk Tolerance – Hurricane Michael Edition
The second article I ever wrote on this blog was on the local impact of Hurricane Hermine in 2016. And now, Tallahassee and the Florida Panhandle region is once again recovering from another hurricane, this one Hurricane Michael. Hurricane Michael reached Category 4 (winds of 130-155 mph or 209-251 km/h) shortly before landfall, making it…
Read More The Hazards of Implementing ERM without a Plan
I cannot tell you how many times someone has asked me questions about random parts of an ERM program. The discussions range from basic concepts all the way to advanced topics. What is prompting the jumping between topics? It is typically these two things: Someone looked up ERM and saw some aspects, which looked really…
Read More Integrating Strategic Risk Management and Operational Risk Management
Most organizations, if not all, have some level of operational risk management. For example, some organizations are focused on operational risk related to safety or contract oversight of vendors. But a common view of operational risk management is slightly broader by examining risks associated with the actual daily operations of the organization. Examples include understanding…
Read More Being Included vs. Being Engaged – One Key to ERM Success
I have written previously about how ERM can be integrated into strategic planning (see here, here, and here) and project management. During a recent conversation with another risk professional regarding ERM’s role within an organization, we spoke about how it was included in various activities and meetings. While ERM was being “included,” it soon became…
Read More ERM and Internal Audit: The Right Relationship
There is much discussion and debate about how Internal Audit and Enterprise Risk Management (ERM) should be connected. Some say ERM can be embedded within the internal audit group. I don’t fall in this group. Internal audit standards say that internal auditors should be objective and not unduly influenced. In other words, independent. I have…
Read More