Risk Management Insights

I want to join the BLOG

06/12/2016 / Enterprise Risk Management, ERM, Risk in Motion

Enterprise Risk Management - Connecting the Dots

Connecting the dots (in this case, the risks).

It has been a bit of a journey over the last 15 years. At Protecht, we started with the vision of a SaaS enterprise risk management solution that allowed connection of risk to the core components of what was back then, considered an ERM framework. This meant that our central library of risks was not only used in the risk and control assessments but also linked to key risk indicators, attestations and incidents. This enabled our client base to get a more fluid picture of risk and was the genesis of the RiskInMotion™ concept.
 

What was missing back then was the business intelligence engine to bring it all together.

Roll forward to 2016 and there are even more dots to connect. Over the last 5 years we have seen our clients rapidly build and deploy the following additional web-based forms to capture, workflow and report on risk related information pertaining to:

  • Fraud
  • Supplier due diligence
  • Conflicts of interest
  • Internal audit findings
  • Complaints
  • Compliance breaches
  • Business continuity plans and tests
  • Conflicts of interest
  • New products evaluation
  • Ex gratia payments
  • Policy management
Read More

27/09/2016 / Enterprise Risk Management, Risk Culture, Risk Maturity, Risk Manager

Successfully Implementing an Enterprise Risk Management System

5 factors of success

I was thinking about the characteristics of companies that make the decision to acquire and then successfully implement an Enterprise Risk Management software solution. Why? Well, we are in the business of providing software solutions to companies so we are always interested in understanding, why certain companies get more out of ERM solutions than others.  However, upon reflection, I think it is also important for companies on the ERM journey to reflect on these factors of success in their own decision-making process. So what are some of the factors of success?

1. Company Size – Does Size Matter?

Often company size is considered as a driver for moving to an ERM software solution. The bigger the company, the greater the need as there are more people involved in the process. Manually following up actions, treatment plans and risk assessment becomes more time-consuming and prone to errors. So generally speaking, we would expect some correlation between the number of ERM installations and size.

Read More

09/06/2016 / Enterprise Risk Management, Risk Audit, ERM, Risk Maturity

ATO implements Protecht's Enterprise Risk Management System

NOT SUCH A TAXING TIME

Some months ago Protecht was delighted that Protecht.ERM was selected by the ATO as the ATO’s corporate-wide risk and governance system. After just a short time, under the guidance of Jodie Thomas, Executive Director, ATO Corporate and the ATO project implementation team, the ATO is already recognising some of the immense benefits that Protecht.ERM is capable of delivering.

Read More

20/05/2016 / Enterprise Risk Management, Risk Management, Risk Appetite

When to Invite 'Good' Risk

 BLOG_Interview_pic_NBC_2-534307-edited.jpg

During this month we have been talking about Risk Management and Risk Appetite. NSW Business Chamber also interviewed Our CEO Alf Esteban on the value of risk management to organisations - regardless of size. We wanted to share this article with you; we hope you find it useful:

Don't just tick the box of risk management - think outside it.
It's where real value lies.

As kids we’re taught to avoid risk but embracing it may be the best thing you can do for your business.

Risk management is a day-to-day part of running a business, but many organisations are failing to manage their risk effectively, resulting in reduced productivity and even profitability. 

Look through negative perceptions

“There is a perception that all risk is bad in business and that ‘managing’ it is just about compliance,” says Alf Esteban, Chief Executive Officer of risk management company Protecht. “Consequently many businesses look at it as something they have to do, a box they have to tick, without seeing the value of it.”

In fact, placing a higher value on risk management is one of the best things you can do to ensure your business flourishes. 
Read More

03/03/2016 / Enterprise Risk Management, Risk and Control Self Assessment, Operational Risk

Operational Risk Management 3 – Risk and Controls Self Assessment applied in a Business Context

Operational Risk Management

This is the third blog in this Operational Risk Management series. In the first article, I explained the incredible KRI system we all have via our five senses. In the second blog, I discussed the application of the Risk and Control Self Assessment (RCSA) in our personal lives using the example of the annual medical check-up. The seven key steps of the RCSA process were set out as part of this example. 

In this blog, we will see how the RCSA works in a business context by applying it to a business process. I will use the process of managing employee expense claims, their payment, processing and recording, a process we can all appreciate from one perspective or another. This example is deliberately at a granular level to illustrate the principles. The same concepts should be used at any level of the organisation using the appropriate level of granularity. This means that the volume of information should be similar for any risk assessment carried out.

Read More

24/02/2016 / Enterprise Risk Management, Risk and Control Self Assessment, Operational Risk

Operational Risk Management 2 – Learning from yourself as an expert already!

Risk-_Controls_Self_Assesment.jpg

My last blog highlighted the extensive use of KRIs (Key Risk Indicators) in our personal lives and the incredible KRI system we all have via our five senses. This blog focusses on the Risk and Control Self Assessment process. Again, the expertise we have in our personal lives provides excellent guidance as to how a good RCSA should be carried out in our businesses and the value add of the RCSA process when done well.

In our personal lives, risk assessments are sometimes performed formally, such as for your motor vehicle’s annual service. Other times, however, they are performed informally, from checking the risks and controls relating to your swimming pool to assessing the risks of your house when your first child is born.

Read More

04/02/2016 / Enterprise Risk Management, Operational Risk

Operational Risk Management 1 – Learning from yourself as an expert already!

Operational Risk Management and the wider defined Enterprise Risk Management are often touted as a new concept. While the methodologies and processes employed may have been enhanced in the recent past, risk management is hardly new.

Humans, arising from the instinct for survival, have been using and developing risk management techniques from the beginning of time. The risk management skills, knowledge and capabilities passed onto you have meant that your personal life risk management is extremely well developed. I would argue, so well developed to the point that you are often not aware that you are practicing them.

This series of articles will consider some of those personal risk management techniques and principles how we can use them to enhance the risk management in our organisations.

Read More

29/01/2016 / Enterprise Risk Management, Risk Analytics

Five tips for creating Dashboards your Users actually Use

In the last few years, while working with several risk and compliance teams from different industries to improve their reports, I noticed the following:

  • Existing reports were mostly driven by regulatory requirements
  • Reports were typically made for upper management, executive teams and board members and only a small percentage is relayed back to the people providing the data

There was no shortage of functional spreadsheets with a lot of tables and, if the author was feeling adventurous, the occasional chart or two.

Read More

29/12/2015 / Enterprise Risk Management, Risk Culture

Risk Management's Coming of Age?

As 2015 comes to a close, it is a good time to observe how risk management has continued to mature and grow towards the fully legitimised business function that we at Protecht believe it should be. Looking back, 2015 has been a defining year for Protecht and the wider risk management community.  

Read More

11/11/2015 / Enterprise Risk Management, Risk Management, ERM

The Experience of Having a Risk Management System

A REAL LIFE APPROACH

Risk management is a continuous journey. In our personal lives we instinctively make risk based decisions according to our own risk appetite. As we move from our teenage years to adulthood to middle age to our senior years, our internal risk management evolves and matures. The same applies with the organisations we work within. Their external and internal context evolves, their risk management matures and evolves to meet the challenges of the changing environment.

This week’s blog is an interview with Michael Blacker, Chief Risk Officer at Police Bank. In this interesting conversation, he shares his experiences and challenges with the evolution of risk management at Police Bank and explains how Protecht.ERM is being used to embed risk management throughout the organisation. We hope that you enjoy the interview.

Read More