Risk Management Insights

I want to join the BLOG

04/02/2016 / Enterprise Risk Management, Operational Risk

Operational Risk Management 1 – Learning from yourself as an expert already!

Operational Risk Management and the wider defined Enterprise Risk Management are often touted as a new concept. While the methodologies and processes employed may have been enhanced in the recent past, risk management is hardly new.

Humans, arising from the instinct for survival, have been using and developing risk management techniques from the beginning of time. The risk management skills, knowledge and capabilities passed onto you have meant that your personal life risk management is extremely well developed. I would argue, so well developed to the point that you are often not aware that you are practicing them.

This series of articles will consider some of those personal risk management techniques and principles how we can use them to enhance the risk management in our organisations.

Read More

29/01/2016 / Enterprise Risk Management, Risk Analytics

Five tips for creating Dashboards your Users actually Use

In the last few years, while working with several risk and compliance teams from different industries to improve their reports, I noticed the following:

  • Existing reports were mostly driven by regulatory requirements
  • Reports were typically made for upper management, executive teams and board members and only a small percentage is relayed back to the people providing the data

There was no shortage of functional spreadsheets with a lot of tables and, if the author was feeling adventurous, the occasional chart or two.

Read More

29/12/2015 / Enterprise Risk Management, Risk Culture

Risk Management's Coming of Age?

As 2015 comes to a close, it is a good time to observe how risk management has continued to mature and grow towards the fully legitimised business function that we at Protecht believe it should be. Looking back, 2015 has been a defining year for Protecht and the wider risk management community.  

Read More

18/12/2015 / Enterprise Risk Management, Risk Audit, ERM, Risk Maturity

ATO implements Protecht's Enterprise Risk Management System

NOT SUCH A TAXING TIME

Some months ago Protecht was delighted that Protecht.ERM was selected by the ATO as the ATO’s corporate-wide risk and governance system. After just a short time, under the guidance of Jodie Thomas, Executive Director, ATO Corporate and the ATO project implementation team, the ATO is already recognising some of the immense benefits that Protecht.ERM is capable of delivering.

Read More

11/11/2015 / Enterprise Risk Management, Risk Management, ERM

The Experience of Having a Risk Management System

A REAL LIFE APPROACH

Risk management is a continuous journey. In our personal lives we instinctively make risk based decisions according to our own risk appetite. As we move from our teenage years to adulthood to middle age to our senior years, our internal risk management evolves and matures. The same applies with the organisations we work within. Their external and internal context evolves, their risk management matures and evolves to meet the challenges of the changing environment.

This week’s blog is an interview with Michael Blacker, Chief Risk Officer at Police Bank. In this interesting conversation, he shares his experiences and challenges with the evolution of risk management at Police Bank and explains how Protecht.ERM is being used to embed risk management throughout the organisation. We hope that you enjoy the interview.

Read More

27/10/2015 / Enterprise Risk Management, Risk Culture, Risk Management

The Road to Enterprise Risk Management Maturity

FOUR things to carefully consider during your journey to ERM maturity

The yellow brick road led to the Emerald City. The enterprise risk management (ERM) Emerald City is the risk management maturity we are all looking for, but most of us do not know where it is exactly and even what it looks like. We do, however, have an idea.  In a number of five step maturity models, the 5th and final stage is often called “Optimised”. What does this look like?

Read More

21/10/2015 / Enterprise Risk Management, Risk Culture, Risk Management

How to Achieve your Risk Management Goals

TEN KEYS to Risk Management Success 

Having worked with many clients over the years in implementing, maintaining and developing their risk management systems you learn what works and, on the other hand, what does not.

The following are my top TEN KEYS to success – get these right and you will have a risk management function that is seen as critical as any other management function in the value it adds.

1. Keep it Simple

With any developing discipline, there is a tendency to invent new words and use big words that sound smart but no one understands. Risk management is no exception with a myriad of fancy words and acronyms. 

Read More

13/10/2015 / Enterprise Risk Management, Risk Management, Risk Maturity

The 7 key ingredients for successfully transforming and maturing your ERM

Maturity is “the state or quality of being fully grown or developed.” 

Transformation means “a marked change, as in appearance or character, usually for the better”. When we apply this to Enterprise Risk Management (ERM) within an organisation, it requires some refinement.  We would suggest “transforming your risk management through maturity” means to “develop your risk management towards being fully grown by making a marked change for the better in both appearance and character”.

Read More

07/10/2015 / Enterprise Risk Management, Risk Management, Risk and Control Self Assessment, Operational Risk

Need Help Defining Controls?

6 Key Questions to Define Risk Management Controls.

In last week's blog, I discussed the basic but often confused issue, of describing operational risks in a logical and understandable way. This week, I turn to controls, which are often as equally poorly defined and understood.

The ISO 31000 standard defines control as a “measure that is modifying risk”. While not incorrect, this definition is broad, and I am not sure overly meaningful or engaging with the employee at the coal face. 

Read More

30/09/2015 / Enterprise Risk Management, Risk Management, Operational Risk

Need Help Defining Operational Risk?

Defining Operational Risk is not as easy as it looks 

One of the most basic steps in any risk management process is to define your operational risks.  Risks are typically recorded in a risk register together with their related controls (a topic to be covered in a later blog). This sounds easy but for any of you that have reviewed a range of risk registers or attempted it yourselves, you might have found that it is, in fact, a complex task.

The two main issues to consider are:

  1. What exactly are you describing? Your risk description needs to be consistent between all risks.
  2. What level of granularity and detail should the risk description contain?
Read More