#422 – GPT PROMPTS YOU CAN USE FOR RISK MANAGEMENT – PATRICK OW

Featured

Tailor the responses to your specific context – organisation, industry and country – and consult with professionals or experts for specific advice or guidance. Be creative in exploring different prompts. 

  1. Risk governance
  • “Act as a CEO and write a business-focused practical risk management policy according to ISO 31000 for [web page URL].”
  • “Act as a CEO and write a comprehensive risk strategy for [web page URL]. The strategy must detail all steps, actions, and deliverables to be produced including performance indicators to monitor progress and for reporting purposes. A risk management strategy is a structured approach to addressing risks and can be used in companies of all sizes and across any industry.”
  • “Create a risk universe for [web page URL]. The risk universe is the list of risks the company faces or might face. This risk universe can be used as a checklist to identify, consolidate and aggregate risk events across the organisation for reporting and monitoring. Tell me how to apply the risk universe.”
  • “What are the key components of a robust risk governance framework for a company with [number of employees] operating in the [industry] in [country]? How can we establish a structure that promotes effective risk management throughout the organisation?”
  • “What roles and responsibilities should be defined for effective risk governance? How can we allocate accountability and ensure clear ownership of risks, controls and treatments?”
  • “How can the board and senior management effectively engage in risk governance? What practices or mechanisms can be implemented to promote their active involvement?”
  • “How can we define and communicate the organisation’s risk appetite and tolerance levels? What considerations should be considered when establishing these parameters?”
  • “What policies and procedures should be developed to guide risk governance activities? How can we ensure they align with industry best practices and regulatory requirements?”
  • “What reporting mechanisms should be in place to provide regular updates on risk governance activities? How can we effectively communicate risk information to relevant stakeholders?”
  • “How can we foster a strong risk culture within the organisation? What initiatives can be implemented to promote risk awareness and encourage risk-conscious behaviours?”
  • “What mechanisms should be established to monitor and review the effectiveness of risk governance practices? How can we ensure continuous improvement in risk management?”
  • “Create a comprehensive business continuity and resilience strategy for [web page URL] that incorporates the managing of third-party and supply chain risks that complies with the requirements of ISO 22301.”
  • “What are the steps to take to move from risk management 1.0 to risk management 2.0 and 3.0?”

Continue reading

#421 – HOW TO SUPERCHARGE YOUR RISK MANAGEMENT WITH AI PART 1 – PATRICK OW

Featured

ChatGPT, whether you like it or not, is an AI-powered tool that has already moved from science-fiction to real-world application at a very rapid pace. It is one of the many AI tools we use daily, like Siri or Google Assistant, where its conversational fluency helps bring digital powers to everyday users. Continue reading

#419 – WHAT DOES CHAT GPT SAY ABOUT RISK MANAGEMENT? – PATRICK OW

Featured

With the popularity of ChatGPT, I asked the artificial intelligence chatbot to compare Risk Management 1.0, 2.0 and 3.0. It says that risk management has evolved from a reactive and risk-centric approach (1.0) to a more proactive, integrated, and opportunity-focused approach (2.0) and further to a holistic, ecosystem-oriented, and adaptive approach (3.0). What a nice way to summarise the journey we have had so far. Continue reading

#417 – DO THIS TO WIN THE PHISHING WARS – PATRICK OW

Featured

The Security in Depth’s 2023 State of Cyber Security research project, which surveyed over 3,800 individuals, found a whopping 99% claimed they could identify a phishing attack.

What is of concern is 46% of them have clicked on a link they shouldn’t have in the last 12 months! Continue reading

#413 – INTEGRATED PERFORMANCE, RISK, AND COMPLIANCE REPORTING – PATRICK OW

Featured

When it comes to reporting organisational performance, risks, and compliance, especially in an integrated manner, we have become lazy or opportunistic.

A risk manager once told me how she has put together three arch lever folders of documentation for the upcoming Board meeting in her organisation. And she was so proud of her achievements!

Three things crossed my mind when she said that. Continue reading