In Part 1: Decoding The RIMS Risk Management Maturity Model, I introduced the first of seven key attributes of the RIMS Risk Management Maturity Model, which was ERM-Based Approach. Here, in Part 2 of Decoding The RIMS Risk Management Maturity Model, I will discuss the attribute number two – ERM Process Management. Continue reading
Let’s start with what is ERM? Enterprise Risk Management (ERM): is a process of planning, organizing, leading, and controlling the activities of an organization in order to minimize the effects of a risk to an organization. It expands beyond a daily run of the mill operational management! A true ERM program will have its scope expand to strategic, financial, reputational, human resource and business continuity as well as operational and legal risks. Most organizations, as they mature embark on a journey of establishing a robust Enterprise Risk Management (ERM) Program! Continue reading
Albert Einstein once said that … “Insanity is doing the same thing over and over again and expecting different results.” If you find yourself doing a root cause analysis on the same problem again and again, it may be a time to revisit the root cause analysis from a framework point of view rather than a tool. In this article, I will go over an example of root cause analysis as a risk management framework rather than one of the tools or a process that you use for troubleshooting a problem. Continue reading
The Board of Directors are vital for any organization’s good governance. Governance determines how an organization is centered and where it stands. “The Boards of Directors are a group of individuals within an organization that are either elected or appointed as representatives of Shareholders or Owners to establish Corporate Governance and enterprise risk management policies”. (Source: ERMGovernance.com) It is given that for an organization to be successful, it should have a Board of Directors (BOD) with a broad mix of skills to oversee the wide range of issues that may arise. Continue reading
I recently got a question from one of my clients regarding risks associated with non-compliance in Emergency Department concerning two patient identifiers. The risk identified by my client is not uncommon among many healthcare organizations and falls under operational and compliance risk management. In order to comply with the required organizational practices (ROPs), we first need to have a closer look at it. Continue reading