Operations

5 Steps to Shifting Board Oversight from Operations and Risk to Strategy

Contrary to popular belief, a Board of Directors, Trustees, or whatever title fits the corporate culture are not only for publicly traded companies. Simply referred to as the Board by most, it can be defined broadly as “…a group of individuals either elected or appointed to provide organizational leadership and oversight.” Following the Enron scandal…
Read More

Navigating Risks and Opportunities of the Changing Nature of Work

When the COVID pandemic forced many companies to shift to a remote work arrangement last year, it represented “…one of the greatest disruptions to work in generations.” This disruption forced both executives and workers to be more innovative, with companies spending over $300 billion last year on technology to facilitate working from home. The transition…
Read More

Taking a Growth Pause: Preparing for Long-Term Success

For this week’s post, I would like to share a guest article published in Carrier Management, a quarterly journal targeting P&C insurance executives. Like previous guest editorials, this article was written with a specific industry in mind, but the contents are applicable to any organization. When a company is in its infancy, the main focus…
Read More
risks to initiatives

How to Ensure Risks to Initiatives are Being Considered Alongside Objectives

A reader sent me a question about identifying risks to initiatives… More specifically, the reader wanted to know how she could ensure that risk identification focused on objectives doesn’t lose sight of risks that may be associated with initiatives. Before going any further, I want to provide a couple of quick definitions: Objectives – a…
Read More

ERM Implementation: What Risk Professionals Consider the #1 Challenge To Be

I recently asked of fellow risk professionals, “What is your single biggest challenge when it comes to ERM implementation?” What do you think the answers were? Maybe figuring out how to assess risks? Maybe integrating with strategy? Or aggregation of risks? Nope. Tone at the top! Yes, the executives and how they convey their thoughts…
Read More
personal risk

Lessons in Personal Risk Tolerance – Hurricane Michael Edition

The second article I ever wrote on this blog was on the local impact of Hurricane Hermine in 2016. And now, Tallahassee and the Florida Panhandle region is once again recovering from another hurricane, this one Hurricane Michael. Hurricane Michael reached Category 4 (winds of 130-155 mph or 209-251 km/h) shortly before landfall, making it…
Read More
implementing ERM

The Hazards of Implementing ERM without a Plan

I cannot tell you how many times someone has asked me questions about random parts of an ERM program. The discussions range from basic concepts all the way to advanced topics. What is prompting the jumping between topics? It is typically these two things: Someone looked up ERM and saw some aspects, which looked really…
Read More
operational risk management

Integrating Strategic Risk Management and Operational Risk Management

Most organizations, if not all, have some level of operational risk management. For example, some organizations are focused on operational risk related to safety or contract oversight of vendors. But a common view of operational risk management is slightly broader by examining risks associated with the actual daily operations of the organization. Examples include understanding…
Read More

Being Included vs. Being Engaged – One Key to ERM Success

I have written previously about how ERM can be integrated into strategic planning (see here, here, and here) and project management. During a recent conversation with another risk professional regarding ERM’s role within an organization, we spoke about how it was included in various activities and meetings. While ERM was being “included,”  it soon became…
Read More

ERM and Internal Audit: The Right Relationship

There is much discussion and debate about how Internal Audit and Enterprise Risk Management (ERM) should be connected. Some say ERM can be embedded within the internal audit group. I don’t fall in this group. Internal audit standards say that internal auditors should be objective and not unduly influenced. In other words, independent. I have…
Read More