#93 – WHY IS IT SO HARD TO INTEGRATE RISK APPETITE IN AN ORGANIZATION? – GREG CARROLL

Risk Appetite is such a simple concept that everyone thinks they know it but invariably misunderstands it. COSO and other regulatory requirements for boards to issue a Risk Appetite Statement have led to a belief that a business has an overarching level of risk tolerance. Personally I don’t believe these Risk Appetite Statements add any value, but regulators are regulators.

#83 – RESILIENCE: THE EVOLUTION OF RISK MANAGEMENT – GREG CARROLL

In the last decade we have seen the evolution of Risk Management from an administrative practice to ERM for corporate governance. But with the realization that results come out of action, not protection, people have started pursuing a more proactive role for risk management.

#81 – COSO ERM REVIEW: 9 POINT PLAN TO INTEGRATE ISO 31000 – GREG CARROLL

COSO has announced its intention to review its 2004 ERM Framework and has already started soliciting feedback. Broadly panned by the Risk fraternity, I believe it can provide a valuable contribution to the GRC landscape. Although I expect critics from both sides (COSO & ISO 31000), here are my recommendations.

#77 – THE RISK OUTLOOK FOR 2015 – GREG CARROLL

It is customary at this time of year for most risk professionals to step back and take a broader look at the risk landscape ahead for the coming year. The normal starting point is the “think-tank” assessments of Global Risks such as Zurich Risk Landscape 2007-2015 and the WEF’s 2015 Global Risk Report. And Global Warming is at the top of most experts’ lists.