Risk Management Insights

I want to join the BLOG

David Bergmark, Chief Executive Officer

David Bergmark consults on a variety of market and enterprise risk management issues and is actively involved in the development and implementation of Protecht's risk management software (ERM and ALM). David started out in the audit division of Price Waterhouse in 1990, handling clients such as Macquarie Bank and Bankers Trust. By 1994 he was Risk Controller for Carrington Securities - a financial markets trading company. In 1996 David left Carrington to head up the Risk Management Department at IBJ Australia Bank (IBJA) where he was responsible for the development of all risk disciplines at the bank – market, credit, liquidity and operational.
Find me on:

Recent Posts

Risk Management Software, Internal Audit

Internal Audit and Enterprise Risk Management

"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations" as defined by The Institute of Internal Auditors Australia. It holds numerous benefits for improving an organisation's risk management systems and procedures due to its systematic and disciplined approach. 

Internal audit plays an important role for organisations to improve management and accountability and provide assurance to key stakeholders that the organisation is governed effectively.

Read More

Key Risk Indicators, Risk Management Software, Internal Audit

Enterprise Risk Management Software and the Internal Audit function

The Internal Audit function has always been an integral part of any organisation, giving independent comfort to stakeholders that the governance and the control environment are operating as expected and and in an effective way. As part of that work, recommendations to improve systems and processes are often provided.

The starting point for any risk-based internal audit is to understand the risks associated with key business functions or processes, and the controls that mitigate either the likelihood of the risk occurring or its impact.

Read More

Press/Media, Protecht Culture

Thank you for an awesome 2018! 🎉

Firstly, thank you to all of our clients, followers and subscribers for your support over the last 12 months. It has been an incredible year of growth. To close off Protecht's 19th year in business, here's a round up of key events, milestones and stats from 2018.

Read More

Enterprise Risk Management, ERM, Risk in Motion, Risk Management Software

Enterprise Risk Management - Connecting the Dots. RiskInMotion

Connecting the dots (in this case, the risks).

It has been a bit of a journey over the last 15 years. At Protecht, we started with the vision of a SaaS enterprise risk management solution that allowed connection of risk to the core components of what was back then, considered an ERM framework. This meant that our central library of risks was not only used in the risk and control assessments but also linked to key risk indicators, attestations and incidents. This enabled our client base to get a more fluid picture of risk and was the genesis of the RiskInMotion™ concept.
 

What was missing back then was the business intelligence engine to bring it all together.

Read More

Compliance Management, Enterprise Risk Management

Understanding Compliance Risk

Today, corporations and government agencies are facing an unprecedented wave of regulatory obligations and increased penalties for non-compliance. The financial services sector, as an example, needs to comply with a myriad of prudential regulations, federal privacy, AML/CTF, consumer credit and protection laws to name a few. Obligation registers now contain over 1,000 entries for compliance teams to deal with. In smaller organisations, these teams are often under-resourced due to compliance being a cost centre.

In this blog, we will discuss issues around some of the complexities of effective compliance risk management.

Read More

Protecht News & Events, Risk Culture, Risk Management

2017 Wow... What a Year

Protecht's 2017 in Review! Thank You for Your Support

The last 12 months have been full of amazing changes and challenges for Protecht and we want to take this opportunity to thank all our clients, partners, staff members and blog readers for all the support. We have many reasons to celebrate; continued growth in our wonderful advisory, development and support teams, record growth in client numbers as well as the move of our Sydney head office to a bigger and better space. It was almost 20 years ago that David Tattam and I commenced working together on the Protecht concept, dreaming of one day having a leading risk management training, advisory and software company. There is still more to do as always, but it has been the most rewarding business risk that we have ever taken. 

Below are some of the milestones that made this year unforgettable for us and also some pictures of our clients and staff Christmas parties. Merry Christmas and Happy New Year 2018. 

Read More

Compliance Management, Risk Culture, ERM

Reputation Damage - Risk Event or Risk Impact?

Looking back over the last 12 months, corporate scandals continue with the finance industry seemingly always managing to make the headlines. Wells Fargo fake accounts in the US, CBA anti money laundering issues in Australia are two examples. The flow on effects from these scandals are often similar:

  1. Executives and CEO's involved are ushered out the door - key person risks arise.
  2. Fines were or will be imposed by regulatory agencies, which seem larger and more punitive in recent years.
  3. Class action lawsuits are attempted on behalf of disgruntled shareholders resulting in additional legal fees and potential settlement costs.
  4. Strategic growth objectives are derailed, as the companies involved need to batten down the hatches to recover from the scandal.
Read More

Enterprise Risk Management, Risk Controls, Risk Taxonomy

Risk Event Libraries. Do your own sanity check.

At Protecht, we get to see a lot of risk event libraries. There continues to be some confusion as to what is actually a risk event that is worthy of its place in a central library of risks. We often see these libraries peppered with failed controls, impacts and causes rather than the true underlying risk event.

In this blog, we hope to provide some tips for you to do your own sanity check on the quality of risks in your risk registers or library.

Read More

Security Risk Management, information security management

Cyber security – will we ever be safe?

I recently read an article in the @TheEconomist (April 8 edition) entitled The Myth of Cyber Security, a somewhat depressing article on the poor state of cyber security globally. The author discussed numerous reasons behind the current problems:

  • Software complexity and speed of development
  • Users failure to protect themselves
  • The technology industry’s inability to self regulate and accept liability for product flaws

The last point drawing comparisons to the car industry in the early 1960’s. It was not until the government forced their hand on safety did the industry’s attitude change.  The author considered that perhaps additional government intervention could be beneficial to the technology sector.  Examples included increased reporting requirements for companies that are hacked, forced default password changes and legislated timeframes for fixes to "at risk" products.

Read More

Protecht News & Events, Risk Culture, Risk Management

2016 - The Year That Was

2016 Done and Dusted

Over the last three weeks we have had Christmas parties in Melbourne and Sydney for our clients, as well as our staff Christmas event. (Check out more photos at the end of the post.) Needless to say, we are all looking forward to some downtime leading into the New Year.

Read More