Risk Management Insights

I want to join the BLOG

02/12/2015 / Security Risk Management, information security management, Risk Management

Cloud Computing- Food for Thought

WHAT TO HAVE IN MIND?

The move towards cloud computing is exciting for many businesses. Not only are they able to realize cost savings through lesser maintenance of their own IT systems, many cloud tools enable new levels of sharing, collaboration and ease of access, which can transform the way businesses work.

However, wider adoption of cloud computing leads to increased scrutiny, both from users and regulators. The availability, integrity and confidentiality of data remains critical for any business regardless of whether it is stored on site or in the cloud. Thus prior to entering any hosting or cloud arrangement, companies should have a robust process in place to evaluate the service.

Read More

18/11/2015 / Risk Culture, Risk Management, Risk Appetite, Risk and Control Self Assessment, Performance Management

How to Balance Risk and Reward in your organisation?

Finding the Optimal Balance to make better decisions

Organisations, or more precisely, the employees of organisations, make hundreds, if not thousands of decisions a day.  Some are major, such as deciding on strategy or whether to purchase a new system while many are small, such as whether to take the stairs or elevator or where to place your coffee on your work desk.

Read More

11/11/2015 / Enterprise Risk Management, Risk Management, ERM

The Experience of Having a Risk Management System

A REAL LIFE APPROACH

Risk management is a continuous journey. In our personal lives we instinctively make risk based decisions according to our own risk appetite. As we move from our teenage years to adulthood to middle age to our senior years, our internal risk management evolves and matures. The same applies with the organisations we work within. Their external and internal context evolves, their risk management matures and evolves to meet the challenges of the changing environment.

This week’s blog is an interview with Michael Blacker, Chief Risk Officer at Police Bank. In this interesting conversation, he shares his experiences and challenges with the evolution of risk management at Police Bank and explains how Protecht.ERM is being used to embed risk management throughout the organisation. We hope that you enjoy the interview.

Read More

05/11/2015 / Protecht News & Events, Risk Culture, Risk Management

Active Presence in Risk Management Events

Protecht Supporting Industry Associations

The conference season is upon us and once again Protecht has shown its support of the risk and compliance profession through its participation at key industry association events in Australia, such as COBA, GRCI and RMIA Conferences. 

Our first event of the season was the Customer Owned Banking Association (COBA) Conference held in Darwin in mid-September. Protecht has had a long connection with the mutual banking sector, with a large number of COBA member organisations and their Boards being trained by David Tattam and many member credit unions and mutual banks using Protecht.ERM, Protecht.ALM and Protecht.CCRM for their enterprise, market and commercial credit risk management needs.

Read More

27/10/2015 / Enterprise Risk Management, Risk Culture, Risk Management

The Road to Enterprise Risk Management Maturity

FOUR things to carefully consider during your journey to ERM maturity

The yellow brick road led to the Emerald City. The enterprise risk management (ERM) Emerald City is the risk management maturity we are all looking for, but most of us do not know where it is exactly and even what it looks like. We do, however, have an idea.  In a number of five step maturity models, the 5th and final stage is often called “Optimised”. What does this look like?

Read More

21/10/2015 / Enterprise Risk Management, Risk Culture, Risk Management

How to Achieve your Risk Management Goals

TEN KEYS to Risk Management Success 

Having worked with many clients over the years in implementing, maintaining and developing their risk management systems you learn what works and, on the other hand, what does not.

The following are my top TEN KEYS to success – get these right and you will have a risk management function that is seen as critical as any other management function in the value it adds.

1. Keep it Simple

With any developing discipline, there is a tendency to invent new words and use big words that sound smart but no one understands. Risk management is no exception with a myriad of fancy words and acronyms. 

Read More

13/10/2015 / Enterprise Risk Management, Risk Management, Risk Maturity

The 7 key ingredients for successfully transforming and maturing your ERM

Maturity is “the state or quality of being fully grown or developed.” 

Transformation means “a marked change, as in appearance or character, usually for the better”. When we apply this to Enterprise Risk Management (ERM) within an organisation, it requires some refinement.  We would suggest “transforming your risk management through maturity” means to “develop your risk management towards being fully grown by making a marked change for the better in both appearance and character”.

Read More

07/10/2015 / Enterprise Risk Management, Risk Management, Risk and Control Self Assessment, Operational Risk

Need Help Defining Controls?

6 Key Questions to Define Risk Management Controls.

In last week's blog, I discussed the basic but often confused issue, of describing operational risks in a logical and understandable way. This week, I turn to controls, which are often as equally poorly defined and understood.

The ISO 31000 standard defines control as a “measure that is modifying risk”. While not incorrect, this definition is broad, and I am not sure overly meaningful or engaging with the employee at the coal face. 

Read More

30/09/2015 / Enterprise Risk Management, Risk Management, Operational Risk

Need Help Defining Operational Risk?

Defining Operational Risk is not as easy as it looks 

One of the most basic steps in any risk management process is to define your operational risks.  Risks are typically recorded in a risk register together with their related controls (a topic to be covered in a later blog). This sounds easy but for any of you that have reviewed a range of risk registers or attempted it yourselves, you might have found that it is, in fact, a complex task.

The two main issues to consider are:

  1. What exactly are you describing? Your risk description needs to be consistent between all risks.
  2. What level of granularity and detail should the risk description contain?
Read More

22/05/2015 / Risk Culture, Risk Management, Commercial Credit Risk Management

Business Intelligence for Commercial Credit Risk Management

Good practice in credit risk management is to turn periodic core banking data (eg. portfolio balance vs arrears) into meaningful information for ongoing portfolio monitoring and loan loss analysis. The process of transforming raw data into meaningful information to support business decisions is denoted by the term ‘Business Intelligence’ (BI). This can provide banks and other commercial lenders with better visibility and management of credit risk across commercial credit portfolios.

Read More