risk appetite

7 Questions for Understanding the Fundamentals of Risk Appetite

By Carol Williams / February 11, 2019 /

The concept of risk appetite is probably the most confusing and controversial part of the enterprise risk management process. If you do a search for risk appetite, you will find a wide variety of perspectives on how to develop and use it. While there may be an implied risk appetite or a generic statement on…

Read More
risk owner

Why Assigning a Risk Owner is Important and How to Do It Right

By Carol Williams / October 22, 2018 /

Falling in the middle of the risk management cycle (after developing risk appetite and tolerance and identifying, but before assessing and analyzing risks), the organization then must identify who will “own” or be responsible for a particular risk. Although the exact definition of what a risk owner is will vary depending on the organization, it…

Read More
personal risk

Lessons in Personal Risk Tolerance – Hurricane Michael Edition

By Carol Williams / October 15, 2018 /

The second article I ever wrote on this blog was on the local impact of Hurricane Hermine in 2016. And now, Tallahassee and the Florida Panhandle region is once again recovering from another hurricane, this one Hurricane Michael. Hurricane Michael reached Category 4 (winds of 130-155 mph or 209-251 km/h) shortly before landfall, making it…

Read More
risk acceptance

One Tool for Informed and Responsible Risk Acceptance

By Carol Williams / July 16, 2018 /

As part of your daily life, you drive a car, walk down the street, ride in elevators, go swimming, have children. Correct? You live your life. Well, you are accepting risk in all of those things. In fact, having a home or renting an apartment also entails risk…fire, wind damage, snow or ice, tornado, earthquake,…

Read More

Enterprise Risk Assessment – Transforming Risk Information into Action

By Carol Williams / April 23, 2018 /

Picture this – you’re planning a road trip and map out your route. You identify places you want to visit, eat, and stay along the way. When it comes time to actually hit the road though, you put on a blindfold and start driving in the direction you think you should be going. Now I…

Read More
operational risk management

Integrating Strategic Risk Management and Operational Risk Management

By Carol Williams / January 8, 2018 /

Most organizations, if not all, have some level of operational risk management. For example, some organizations are focused on operational risk related to safety or contract oversight of vendors. But a common view of operational risk management is slightly broader by examining risks associated with the actual daily operations of the organization. Examples include understanding…

Read More

Stop Seeing Red: How to Revamp Your Risk Assessment Process to Free Up More Resources

By Ashley / December 11, 2017 /

As noted in last week’s blog on freeing up in-house ERM resources, your organization has probably experienced a substantial increase in the volume and complexity of risks over the past five years, and yet you have insufficient resources to strengthen your ERM processes to manage these new threats. These statistics from NC State’s report, The…

Read More

Top 5 ERM Insights Posts You Need to Read Today

By Carol Williams / May 26, 2017 /

It’s hard to believe it’s been close to 9 months since I launched the ERM Insights by Carol blog. I hope you’ve been enjoying the content as much as I’ve enjoyed putting it out there. If this is your first time visiting the blog, welcome! I also want to say thank you to all of…

Read More

How to Use Risk Appetite and Risk Tolerance to Guide Decisions

By Carol Williams / May 16, 2017 /

The goal of risk management, especially enterprise risk management (ERM), is to provide management (and the entire company) with valuable insights for risk-informed decision-making.  But day in and day out, decisions are being made that don’t reflect what is voiced in the risk appetite statement approved by executives. Growth is being stifled, and the company…

Read More

The “Next Frontier” of Enterprise Risk Management – From Compliance to Strategy

By Carol Williams / December 15, 2016 /

Is this really the next frontier of the enterprise risk management process’ role within the organization? Or is the future now? When it comes to seeing what the future holds, you need to know the history. The same applies to enterprise risk management (ERM), which has an interesting history. In fact, this history is nicely…

Read More