Relationship between Audit and Risk Management

2014-05-27 / Uncategorized / No Comment

based upon notes taken from Ch. 7 of the RIMS text Enterprise Risk Management, edited by Michael W. Elliott, published 2013 by The Institutes.

The Nature of Controls

According to the text, controls are used to assess whether the organization’s actions are the ones expected; to check that the organization’s processes are functioning as intended. Originally connected with detecting errors and fraud, they are now related to organization’s goals, financial reporting and compliance.
Read the rest of this entry »

Read More

Consulting For Lean Manufacturing

2014-01-15 / Uncategorized / Comments Off

In my last post on Lean Manufacturing, I said that there was a broader agenda at stake — namely, the survival of firms in the era of the decline of western manufacturing. Consultant Bill Chambless expresses a similar thought in his book Quantum Profits. He posits that the mastering of short-run customized production is the key to economic recovery.

Read the rest of this entry »

Read More

Lean Manufacturing – New Journey for Risk Managers

2014-01-15 / Uncategorized / No Comment

DiagramShould risk managers delve into Lean Manufacturing, or similar  methods, at all?  One of the key themes in this blog is the necessity for risk managers to expand their view and gain a seat at the planning table. It is only natural, after implementing risk assessment methods, to feel that one might add value by seeking better productivity.

There is a broader agenda here.  The very survival of manufacturing and service industries is continually challenged, and the opportunities for gains are immense, both in administrative and industrial processes.

Planning and Innovation – Small-Medium Sized Enterprise

I am Planning and Innovation Lead for a small-medium sized enterprise in specialty metals manufacturing. Read the rest of this entry »

Read More

The Changing Role of the Risk Manager

2013-07-26 / Uncategorized / No Comment

In the RIMS 2012 report “The Evolving Role of the Risk Professional”, recommendations included that risk managers view risk in a new way that “builds internal alliances, and enhances the strategic decision-making capability”; this in turn would require “specialized communication and technical skills”. According to a Deloitte study, however, risk professionals are still perceived as working in silos, using limited skill sets. This post examines the risk manager’s required competencies.

The Definition of Risk
The definitions of risk given in the standards (e.g., ISO, COSO, AS/NZ) give the basis of my argument. They connect risk with organizational goals and objectives. These definitions imply the expansion of risk management beyond the conventional scope of corporate finance/audit and commercial insurance. New aspects of the risk management function — 6 specific roles — are discussed next. Read the rest of this entry »

Read More

Hidden Strategic Risk

strategic riskHow is it that strategic risk assessment misses the obvious?  It seems the most fundamental risks, although right out in the open, are not recognized as risks.

How to Identify Strategic Risk
First, the basic process: As discussed in previous posts, strategic risk assessment should be a review of goals, objectives and corporate values, as expressed in a plan. Risk assessment benefits from a multi-disciplinary round table reviewing the schedule of intended action. The risk lens brings to light the things that may prevent the successful execution of the plan.

Tracing through all stages of the plan, ask the question: What could hinder or prevent the accomplishment of this particular objective?; or, What could compromise the safeguarding of this professional value? In the broadest analysis, it is a matter of identifying phenomena that call into question the strategic direction, approach to a project, or feasibility of a program. The mitigation of such risk involves action on the same scale: to shift the planned direction; to build up one aspect of the business; to attenuate another.

But there is always some unique twist in a risk assessment… Read the rest of this entry »

Tags:
Read More

Systemic Risk – Challenging Assumptions

Risk managers should contribute to long range planning and analysis. They can cause planners and modellers to recast their assumptions. In a recent workshop, participants and I were discussing risk assessment of the firm’s strategic plan, and considered wider systemic risk and emerging risk, that could undermine the organization.

On the issue of strategic risk, I first draw the reader’s attention to my 6-part series in which I discussed high quality risk assessment and future scenarios; strategic identity; stakeholders; and environmental scan. The essential point in that series is that risk assessment should be part of a complete research and planning process, including methods to deal with “black swan” risks and high uncertainty.

In this post, I want to elaborate on the idea of risk managers questioning assumptions that typically go unchallenged.

Read the rest of this entry »

Tags: , ,
Read More

Reprint – Risk Analysis for Tough Issues

Edward Robertson-article-risk-management-magazineThe Economist’s risk management study in 2010 found that there is a continuing perception of risk management as: “…support function staffed with narrowly focused specialists, such as business continuity planners, insurance buyers, or health and safety officers…” (Fall guys – risk management in the front line). Then Forbes/Deloitte reported in 2012 that a significant sector of corporate employees are “unaware of what they need to do concerning risk”. (Aftershock: adjusting to the new world of risk management).

Back December 2006 I published an article with Risk Management Magazine. It is relevant to the question of broadening the risk manager’s role to bring risk assessment to strategic planning and policy. I wouldn’t change a word of it today.

Read the rest of this entry »

Read More

Definitions: ERM and Risk Assessment – Part 2/2

2012-11-27 / Uncategorized / No Comment

definition enterprise risk management risk assessmentIn this second post, I give my proposed definition of both Enterprise Risk Management and Risk Assessment.  They are not a reflection of the actual usage of the terms; instead, they are recommendations for what the terms should denote:

Definition of Enterprise Risk Management

Enterprise Risk Management: A distributed process of risk assessment applied to strategy and operations, in all domains, in support of corporate goals and values.
Read the rest of this entry »

Read More