iso - Blog - Global Risk Community2024-03-19T05:04:26Zhttps://globalriskcommunity.com/profiles/blogs/feed/tag/isoGlobal Iso Propyl Alcohol Market is Expected to Cross 4.9 Million Tonnes by 2030https://globalriskcommunity.com/profiles/blogs/global-iso-propyl-alcohol-market-is-expected-to-cross-4-9-million2020-05-08T12:00:00.000Z2020-05-08T12:00:00.000ZChemAnalysthttps://globalriskcommunity.com/members/ChemAnalyst<div><p></p><p><span>According to ChemAnalyst report, “<strong>Global Iso Propyl Alcohol Market - Plant Capacity, Production, Operating Efficiency, Process, Demand & Supply, Grade, End Use, Application, Sales Channel, Region, Competition, Trade, Customer & Price Intelligence Market Analysis, 2015-2030”,</strong></span> <span>the global Iso Propyl Alcohol market is expected to grow at a healthy CAGR of 6.87% during the forecast period. Rising demand for solvents across end use industries such as paints and coatings and pharmaceuticals backed by surge in demand for disinfectants, which include hand sanitizers, surface cleaners and other hygiene products would bolster the demand for Iso Propyl Alcohol during the forecast period.</span></p><p><strong>Browse the Complete Report: <a href="https://www.chemanalyst.com/industry-report/iso-propyl-alcohol-ipa-market-35" target="_blank">Iso Propyl Alcohol (IPA) Market Report</a></strong></p><p><span>The outbreak of COVID-19 has been a tipping point in the global IPA market, making it one of the most demanded chemicals during the period of unprecedented crisis. This happened after WHO declared the use of alcohol-based hand sanitizers, essential for inactivating potentially harmful coronavirus whose transmission rate is still creating a havoc in several economies. Centre for Disease Control (CDC) has recommended the use of alcohol-based sanitizers containing 60% ethanol or 70% isopropanol in homes, offices, hospitals, and other public places. Since the declaration, alcohol -based hand sanitizers have become the most sought-after product in the global markets forcing several chemical manufacturers to enter Iso Propanol and hand sanitizer production in their fight against Covid-19.</span></p><p></p><p><span>International prices of Iso Propyl Alcohol (IPA) have skyrocketed in the first quarter of 2020 triggered by overwhelming demand for manufacturing hand sanitizers. U.S.IPA which was showing a nominal price rise in February, soared rapidly with number of coronavirus cases in U.S. surpassing the world’s other economies. In March, recorded IPA spot prices were in the range of $1,367-1,874/tonne while export and spot prices are even higher. Other regions like Europe and Asia have witnessed more than 100 per cent spike in IPA prices in the first quarter in response to the soaring demand. IPA prices are anticipated to climb higher in the coming weeks as new companies are planning venture into sanitizer manufacturing, causing a further upward pressure on the global IPA demand.</span></p><p><span>The Dow Chemical Company, Exxon Mobil Corporation, LyondellBasell Industries Holdings B.V., LG Chem Ltd., Royal Dutch Shell Plc., Clariant AG, Honeywell International Inc., JXTG Nippon Oil & Energy Corporation, Mitsui Chemicals Inc., United States Petroleum & Chemical Corporation, INEOS Enterprises, Deepak Fertilizers and Petrochemicals Corporation Limited etc., are some of the leading players operating in the Global Iso Propyl Alcohol market. To combat the unabated IPA demand, major players increased their production capacities to grapple with the rising demand. Exxon Mobil ramped up its IPA production capacities in final quarter of FY20. Moreover, INEOS, one of leading chemical manufacturers in the global market has been running its IPA plants at full capacities with establishments of new sanitizer plants in France and Germany.</span></p><p>Regionally, the Iso Propyl Alcohol market has been segmented into various regions including Asia-Pacific, North America, South America, Europe, and Middle East & Africa. <span>According to ChemAnalyst report, <strong>“Global Iso Propyl Alcohol Market - Plant Capacity, Production, Operating Efficiency, Process, Demand & Supply, Grade, End Use, Application, Sales Channel, Region, Competition, Trade, Customer & Price Intelligence Market Analysis, 2015-2030”</strong></span>, APAC is the global manufacturing hub for IPA, with expanding pharmaceutical sector and petrochemical hubs. China and India are contributing in huge volumes to cater to rising global IPA demand. North America and Europe are also likely to drive the market appreciably well concerned by lasting effects of Coronavirus. New capacity additions as well as expansion are expected to consolidate considerable revenues to the global IPA market, thus contributing well towards uplifting the economies of the major IPA producing countries.</p><p>“IPA production can happen through three routes, viz., indirect hydration of Propylene, direct hydration of Propylene and catalytic hydrogenation of Acetone. APAC countries like China and India are opportunistic of the current situation and are currently running both their acetone and propylene to IPA plants at their full capacities. However, major players in U.S. believe that when the markets are restored and the pandemic passes, acetone route would be preferred over longer runs. Moreover, increasing awareness among people for maintaining personal hygiene and preventive measures towards Covid-19 will dominantly drive the global IPA demand in the forecast period. At the same time, the manufacturers would have to be thorough with raw material and supply chain analysis to enjoy better margins. Company’s long-term strategies to strengthen both upstream and downstream sectors would hugely impact the global IPA demand pushing it to unprecedented levels during the forecast period” said Mr. Karan Chechi, Research Director with TechSci Research, a research based global management consulting firm promoting ChemAnalyst.</p><p><strong>Source: ChemAnalyst</strong></p></div>Webinar: 7 Steps to Perfecting Your Compliance Managementhttps://globalriskcommunity.com/profiles/blogs/webinar-7-steps-to-perfecting-your-compliance-management2020-04-01T08:02:48.000Z2020-04-01T08:02:48.000Zvicky daleyhttps://globalriskcommunity.com/members/vickydaley<div><p><span><a href="{{#staticFileLink}}8028316652,original{{/staticFileLink}}" target="_blank"><img src="{{#staticFileLink}}8028316652,original{{/staticFileLink}}" class="align-center" alt="8028316652?profile=original" /></a></span></p><p></p><p><span>Keeping up-to-date with legal changes across multiple jurisdictions and international boundaries is a challenge for every business. This on-demand webinar explores how to keep track of only the regulations that matter to your business, and how to ensure individual sites remain compliant.</span></p><div><span>Watch the webinar <a href="https://info.libryo.com/7-steps-to-perfecting-your-compliance-management" target="_blank">here</a>:</span></div><p>In this webinar, in partnership with IsoMetrix, you will learn:</p><ul><li><span>7 steps to perfecting compliance management across a multi-jurisdictional environment</span></li><li><span>How to link risk and consequence to site-specific laws</span></li><li><span>How global companies prepare for EHS audits to avoid fines and boost the bottom line</span></li><li><span>Real results from a case study: How one leading multinational, agriculture, mining and chemicals company manages 687 laws across 44 of their operational sites globally</span></li></ul><div><strong><a href="https://info.libryo.com/7-steps-to-perfecting-your-compliance-management" target="_blank">Complete the form here</a> to watch the webinar now.</strong></div></div>How to link your legal requirements to your risk assessment?https://globalriskcommunity.com/profiles/blogs/how-to-link-your-legal-requirements-to-your-risk-assessment2020-01-13T10:41:12.000Z2020-01-13T10:41:12.000Zvicky daleyhttps://globalriskcommunity.com/members/vickydaley<div><p>Learn about the importance of risk assessments and how the process of linking your legal requirements can bring a whole host of benefits.</p><h3><span><strong>What is a risk assessment?</strong></span></h3><p>A risk assessment is a process in which an employer, or someone competent appointed by an employer, will identify any hazards and evaluate the associated risks within a workplace. This type of risk assessment can be referred to as a HIRA (Hazard Identification and Risk Assessment). </p><p>In many countries around the world, such as in South Africa and the United Kingdom, this type of risk assessment is a<span> </span><span><a href="https://blog.libryo.com/legal-registers-filtering-out-regulation-relevant-to-somebody-elses-job">legal requirement</a></span><span> </span>for employers to ensure the health and safety of their employees. When identifying hazards on site, it is helpful to break them down into broader categories. </p><p>Examples of some hazard identification categories are:</p><ul><li>Mechanical Hazards</li><li>Non-Mechanical Hazards</li><li>Chemical Hazards</li><li>Physical Hazards</li></ul><p>Another type of risk assessment that can be done, is to assess the various aspects of a business that can impact the environment. These are often referred to as AIR’s (Aspect and Impact Registers). </p><p>Environmental impacts can then be broken down into different categories:</p><ul><li>Air pollution</li><li>Water Pollution</li><li>Ground/land pollution</li><li>Biodiversity</li><li>Social Impacts</li><li>Heritage</li><li>Visual Impacts</li></ul><p>You can also conduct various other risk assessments per legal domain such as Information Systems, Quality and Food Safety. </p><p></p><h3><span><strong>Why are risk assessments important?</strong></span></h3><p>Having a documented risk assessment is required by law for any employer. Further to this, being able to identify potential hazards based on the activities within a business is the first step in being able to put control measures in place to avoid any disasters from happening. If there is an incident that occurs on site, one of the first things that the department will ask is if a risk assessment has been done.</p><p>It can end up being a costly lesson to learn for businesses if they have not conducted a risk assessment, or have failed to put the correct controls in place to mitigate risks. This lesson could be in the form of a fine/penalty, an action lawsuit that could lead to imprisonment, reputational damage, equipment damage, and can even deter future employees from wanting to work for your business.</p><h3><span><strong>Stage 1: Understand your consequences</strong></span></h3><p>Find out what the consequences of non-compliance are in relation to your applicable legal requirements. Solutions like<span> </span><span><a href="https://libryo.com/" target="_blank">Libryo</a></span><span> </span>can do this quickly for you, saving the process of trawling through legislation. </p><p></p><p>Once you’ve identified the potential risks within your business, how do you know what control measures you need to put in place to avoid these risks from occurring?</p><h3><span><strong>Stage 2: Link your risk assessment to your legal requirements </strong></span></h3><p>The next step in determining what control measures you should put in place to avoid operational risks from occurring, is to determine what is required by law. Linking your legal requirements to your operational risks is critical in demonstrating that you understand what steps to take by understanding the context of your business.</p><p>If your company is certified by a management system standard<span> </span><span><a href="https://blog.libryo.com/iso-9001-2015-legal-requirements">such as ISO</a></span>, to maintain your certification you will be required to link your operational risks to your legal risks. This can be an extremely lengthy process, especially if there are multiple sections that can apply to an identified risk, impact or threat.</p><h3><span><strong>How Libryo helps you link your risk assessments</strong></span></h3><p>Here are some of the ways you can use Libryo to help with the process of linking your legal requirements to your risk assessment:</p><ul><li><strong>Updated legal register</strong></li></ul><p>The manual process of linking your legal requirements to your operational risks can be extremely time consuming. By linking your risk assessment to your online legal register on Libryo, you can ensure that your legislation will automatically remain up-to-date and include all of the relevant changes. This is a huge time saver if you consider how long it would take to manually update the links to the law in your risk assessment, every time a change in law happens.</p><ul><li><strong>Search</strong></li></ul><p>Libryo’s<span> </span><span><a href="https://libryo.com/legal-registers/">custom legal registers</a></span><span> </span>are structured in such a way that the law is tagged by different topics. These topics will show the different sections of law that apply to a particular area, matter, function, etc. </p><p>These topics are extremely helpful when linking your operational risks to the identified legal requirements as they will display all the relevant sections of law that apply on one page. For example, if you have identified all of the environmental impacts that could cause air pollution, simply make use of Libryo search, type in “Air Pollution” and click on the topic result.</p><p></p><p>This will display all applicable legislation dealing with air pollution. You can then copy and paste the URL into your excel document to demonstrate the link to the law.</p><p>Not only is the Libryo topic search a huge time saver but it groups all of your relevant legal requirements into one place for ease of reference.</p><p></p><ul><li><strong>Documents</strong></li></ul><p>Libryo’s documents module gives you the ability to upload your legally required compliance documents in one central location. These documents can then be accessed by the rest of your team who also have access to Libryo. You can store your risk assessments on Libryo in their own folder which makes it easy for an auditor to see everything in one place.</p><ul><li><strong>Professional Services</strong></li></ul><p>Libryo professional services can help you link your legal requirements to your risk assessment using our fast and efficient linking tool. If your risk assessments are done in excel we can help you in just a few simple steps.</p><p> </p><p>To learn more about Libryo’s features and custom legal registers<span> </span><span><a href="https://info.libryo.com/brochure">download the brochure.</a></span></p></div>Gazetted Officer: Aspects of getting documents attestedhttps://globalriskcommunity.com/profiles/blogs/gazetted-officer-aspects-of-getting-documents-attested2019-05-07T10:30:00.000Z2019-05-07T10:30:00.000ZJatin Kapoorhttps://globalriskcommunity.com/members/JatinKapoor<div><p><span style="font-size:14pt;"><strong>Gazetted Officer</strong></span></p>
<p>A senior government official whose appointment is published in the Gazette of India or any State Government Gazette, he/she is called Gazetted. Their authority of using an official stamp comes from the President of India or the Governors of States. To put it simply, they represent the Indian State and the President.</p>
<p>Important identification & certification documents, to avail various government and banking facilities, require attestation by a gazetted officer, first.</p>
<p><strong><img class="CToWUd" src="https://ci4.googleusercontent.com/proxy/MXdeKm-BKOFbBjO1UyE1rBAaAcImScm3lc9BXOmIEI4Mgbc_JwahDKuX0bN4GGAb3-hw17hbFqhol-5JoaH3GV5l0iRiIzLPOKx2I5A8NN9QfDU=s0-d-e1-ft" alt="MXdeKm-BKOFbBjO1UyE1rBAaAcImScm3lc9BXOmIEI4Mgbc_JwahDKuX0bN4GGAb3-hw17hbFqhol-5JoaH3GV5l0iRiIzLPOKx2I5A8NN9QfDU=s0-d-e1-ft" /></strong></p>
<p><em><strong>Listen and subscribe to our RISK Management SHOW, available on major podcast apps and via the link below </strong></em></p>
<p><a href="https://globalriskcommunity.libsyn.com/" target="_blank"><img class="CToWUd" src="https://ci4.googleusercontent.com/proxy/AsUqkySeE7cDs65Yr1zWGmYzluA0rIUH6Pf-ctbdm0oD8PY8sb0C7k7qHdgBrUKXD7QveikJFEru3Bg2WBve8p2wMy2FVNbQjHkCM2Nxk2H0QWBLVRN0OzwizInUAj3uT_RE77E=s0-d-e1-ft#{{#staticFileLink}}8069434896,original{{/staticFileLink}}" alt="8069434896?profile=original" width="645" height="80" /></a></p>
<p><img class="CToWUd" src="https://ci4.googleusercontent.com/proxy/MXdeKm-BKOFbBjO1UyE1rBAaAcImScm3lc9BXOmIEI4Mgbc_JwahDKuX0bN4GGAb3-hw17hbFqhol-5JoaH3GV5l0iRiIzLPOKx2I5A8NN9QfDU=s0-d-e1-ft" alt="MXdeKm-BKOFbBjO1UyE1rBAaAcImScm3lc9BXOmIEI4Mgbc_JwahDKuX0bN4GGAb3-hw17hbFqhol-5JoaH3GV5l0iRiIzLPOKx2I5A8NN9QfDU=s0-d-e1-ft" /></p>
<p> </p>
<p><span style="font-size:14pt;"><strong>Who is a Gazetted Officer</strong></span></p>
<p>Basically, a Gazetted Officer belongs to either of the below categories:</p>
<ol>
<li><strong>Group A or Class I (Gazetted and Executive officers):</strong></li>
</ol>
<p>This class consists of the highest class of government servants. They are ranked from level 1 to 10 in the Civilian and Defence Pay Matrices. Include:</p>
<ul>
<li>Officers of Indian Armed forces,</li>
<li>Magistrates in Judicial services and above,</li>
<li>Central and State service men (Doctors, Engineers, Drug Controller),</li>
<li>Employees of central and state government universities (Vice Chancellors, Principals, Assistant Registrars, Faculty members, etc.),</li>
<li>Scientists working in a government-funded research organization (such as DRDO etc.),</li>
<li>Central or state government employees who have Group A service Rules (IAS, IES, DIG, DCP, ASP, DGP, JCP, IB, SDPO, etc.),</li>
<li>All Police officers ranking above circle inspector.</li>
</ul>
<ol>
<li><strong>Group B or Class II (Gazetted officers):</strong></li>
</ol>
<ul>
<li>Section Officers,</li>
<li>Assistant Executive Engineers,</li>
<li>Block Development Officers (BDO),</li>
<li>Tehsildars,</li>
<li>Junior Doctors working in Government Hospitals,</li>
<li>Magistrates,</li>
<li>Headmasters of Government High Schools,</li>
<li>2nd Lieutenant,</li>
<li>Lecturers of Government colleges,</li>
<li>Income Tax and Revenue officials.</li>
</ul>
<div id="om-cyleseddvagssksuvew3-holder"> </div>
<p>Post-retirement they cease to be Gazetted officers, with all powers to attest divested.</p>
<p> </p>
<p><span style="font-size:14pt;"><strong>Gazetted Officer Attestation</strong></span></p>
<p>The Gazetted Officer who puts the stamp, along with this authority, becomes responsible to check and verify that the person actually exists. The purpose of the Attestation is to make sure that the person is legally authentic.</p>
<p>An Official can not attest a document, without identifying the person. Therefore, they may keep a copy of your document.</p>
<p> </p>
<p><span style="font-size:14pt;"><strong>Situations requiring Gazetted Officer Attestation</strong></span></p>
<p>You would need to reach the Gazetted Officer, with your valid original ID proof and its copy to get your documents attested. It is, generally, required when applying for:</p>
<ol>
<li>Ration card</li>
<li>Passport</li>
<li>Government jobs</li>
<li>To take Admission in Schools, Colleges</li>
<li>While filing for tenders, some have a prerequisite of attested certificates</li>
<li>Documents for Digital Signature Certificate (DSC)</li>
</ol>
<p> </p>
<p><span style="font-size:14pt;"><strong>Important points about Gazetted Officer Attestation</strong></span></p>
<ol>
<li>A Gazetted Officer does <strong>not include </strong>any officers of <strong>Notary, Nagar Sevak</strong>, etc.</li>
<li>Only officers of <strong>Group A</strong> and <strong>Group B</strong> can attest the documents. Officials coming under two other categories Group C and Group D are not Gazetted, Officers.</li>
<li>If attestation is being done for the purpose of applying for a <strong>passport.</strong> It can only be done by <strong>Group A</strong> gazetted officer only who are under the rank of Secretary/Dy. Director (Level 11 and above), for example, Sub-divisional Magistrate, etc.</li>
<li>Only a <strong>Group A</strong> official can attest the documents related to C<strong>itizenship Certification</strong>.</li>
<li>Only a <strong>Police Official</strong> and <strong>Group A</strong> official can attest <strong>Character Certificate</strong>.</li>
<li>The <strong>name, designation and contact number of the gazetted officer</strong> should be clearly mentioned.</li>
<li>The Documents are to be attested in <strong>blue ink only</strong>. To be valid, it has to have a <strong>stamp of the attesting officer</strong> and the department or organization he belongs to.</li>
<li>There are <strong>no fees</strong> for getting the attestation done by any gazetted officer.</li>
</ol>
<p> </p>
<p><span style="font-size:14pt;"><strong>End of Gazetted Officer's Attestation</strong></span></p>
<p>One of the lesser spoken and disputed contribution of the current government has been the relaxation in the troublesome practice of requiring Attested copies of Certificates for higher studies and government jobs, to accompany the application forms. Since 2014, a lot of services require only self-attested copies now. Earlier, it was resulting in a wastage of time and the general citizens, many times, had to pay money for this free service.</p>
<p>The Central Government, also, wrote to the State Governments guiding them to do away with the requirement of attaching affidavits or documents attested by Notary or Gazetted Officials. To reduce red-tape, simplify the procedure and make the methods citizen friendly. </p>
<p>Taking the cue, State Governments are adopting the provision of Self-Certification by applicants, instead of asking for an attested copy, in a phased manner. Thereafter, self-attested documents such as birth certificates and mark sheets, are accepted. Gazetted Officer's attestation is no more required to take a Tatkal Passport or admissions to State or Central Universities or even Government jobs.</p>
<p>Self-Attestation rules, however, require the person to keep ready the original documents at the final stage.s</p>
<p>Though the Central Government wants to completely rid this requirement with the help of biometrical verification. Still, Self-Attestation is not permitted in some cases where it is a statutory requirement. </p>
<p><em>The article has been written by Reema, a content writer with LegalRaasta. India's top portal for professional help related to legal, finance and business such as </em><a href="https://www.legalraasta.com/income-tax-return/"><em>ITR filing</em></a><em>, Company Registration, </em><a href="https://www.legalraasta.com/trademark-registration/"><em>trademark registration</em></a><em>, etc.</em></p>
<p> </p></div>Private limited company -The next step to ownershiphttps://globalriskcommunity.com/profiles/blogs/private-limited-company-the-next-step-to-ownership2019-04-30T06:31:29.000Z2019-04-30T06:31:29.000ZJatin Kapoorhttps://globalriskcommunity.com/members/JatinKapoor<div><p><span>Establishing a private limited company with creative ideas is like giving wings to your own dreams. Especially when you are the owner of your own company. The most catchy part of starting the journey of owning a private company is a big risk. But a great profit is earned and one has to choose the finest entity for that. A company will be popular on the basis of catchy and engaging taglines. The private limited company does full justification to the taglines. The best examples are seen today.</span></p><ul><li><span>Reliance Industries Limited</span></li><li><span>TATA Steel Limited</span></li><li><span>Bajaj Auto Ltd</span></li><li><span>Bharti Tele-Ventures Limited</span></li></ul><p><span> Many more all these company are well-known and famed private limited companies in India. As the name specifies its meaning a "private" means personal "Limited" means restricted in size and "Company" a commercial business.</span></p><p><span>Pvt.Ltd is a short form used after the company's name. A private limited company is personally operated for small businesses with limited liabilities. The responsibility of Private Limited Company members is confined to the number of shares individually owned by them. The buying and selling the shares of the private limited company cannot be done publicly.</span></p><p><span>The people who are involved in private companies are Directors, shareholders, employees, and members. In the company at least 2 members are required and a maximum of 200 and there should be 2 directors. The Least paid-up capital required to establish a company is Rs. 1 Lakh.</span></p><p><strong>Why would anyone pick the private limited company?</strong></p><p><span>The answer to this question- the private limited company has a great team of employees. Who are talented to build a remarkable name for the company. The limited liability is big protection for the owners of the private company. In the case of profit and loss situations limited liability secure there ways. So, in private companies its a mandatory process to go for <strong><a href="https://www.legalraasta.com/llp-registration/">LLP Registration</a></strong>(Limited Liability Partnership) for securing the future of the company. If the company is facing any loss the company's assets are taken into the account their personal assets are safe.</span></p><p><span>The decision-making process in a private company is swift and quick. The time is utilized in strengthening the efficient and smooth working of the company. The pressure of stock and its market is eliminated part of this company. The shareholder's interference and expectation are according to the law of the company. They can focus on long-term earnings.</span></p><p><span>The private limited companies have the plus point that in-laws of the company.</span></p><p><strong>The situation that makes the private limited company advantageous.</strong></p><ul><li><span>The owner or any member dies</span></li><li><span>Bank corrupted</span></li><li><span>Leave the company or transfers his/her share to another member</span></li></ul><p><span>The company will remain for long-run and it will not dissolve in any situation. There is no option for shareholders to trade there shares with the public and let them subscribe to their shares. Even, shares cannot be traded on a public stock exchange as there are a limited amount of shareholders. It is obligatory that you should state Pvt. Ltd at the end of a company name.</span></p><p><span>The registration of a private company is way more easy and accessible.</span></p><p><strong><span> The steps of registration one need to follow up by establishing a private limited company.</span></strong></p><ul><li><span>Name approval by the ministry of the cooperating affair(MCA)</span></li><li><span>Digital sign</span></li><li><span>Submission of incorporation application with MCA </span></li><li><span>Ltd. incorporation certificate. </span></li></ul><p><strong><span>The mandatory documentation for the commencement of a private limited company. </span></strong></p><ul><li><span>A copy of Aadhaar Card or Voter ID</span></li><li><span>A copy of Electricity Bill</span></li><li><span>Passport and PAN card copy</span></li><li><span>NOC from the owner of the property</span></li><li><span>2 passport size photographs of the owner</span></li><li><span>Proof of address of the company and the bank statements. </span></li><li><span>All the documents need to be attested.</span></li></ul><p><span>A private limited company has all advantage and interest of partnership like compliance. Also, it has higher capital enrichment and intensified skills and techniques. Even it has much more to contribute merged with limited liability, higher resistance, and legitimate existence. Company ownership is separate and private. Hence, it does not require to face the Exchange Commission and strict Securities filing provisions of public companies.</span></p><p><span>This article is framed by Shrishti Jain the content writer in Legalraasta. It is India's top portal. The company render its finest and great service like company registration, loans, <strong><a href="https://www.legalraasta.com/private-limited-company-registration/">Private Limited Company Registration</a></strong>, etc</span></p><p><span> </span></p></div>Introducing BenchMarker TM, an online Risk Management Effectiveness Assessment toolsethttps://globalriskcommunity.com/profiles/blogs/introducing-benchmarker-tm-an-online-risk-management2015-08-07T06:00:00.000Z2015-08-07T06:00:00.000ZJohannes Swanepoelhttps://globalriskcommunity.com/members/JohannesSwanepoel<div><h2><span style="font-family:'arial black', 'avant garde';">Radar and Specialty Technical Publishers (STP) Launch Online Risk Management Assessment Program</span></h2><p><span style="font-family:arial, helvetica, sans-serif;">Announcing ERM BenchMarker™, offering tailored assessment of risk management effectiveness and improvement based on decades of experience in risk management, and organizational competence in managing risk.</span></p><p><span style="font-family:arial, helvetica, sans-serif;">Radar, The Risk Management Company providing Consulting, Engineering, Education and Software Services, in partnership with Specialty Technical Publishers, premier North American publisher of audit, compliance and risk solutions, announced the release of BenchMarker™, the first online risk assessment and management audit program.</span></p><p><span style="font-family:arial, helvetica, sans-serif;">All organizations face uncertainty when pursuing strategies, operations, and project plans. To resolve and reduce uncertainty, organizations assess risk in achieving their objectives, and develop competencies to manage risk by embedding these competencies within existing management systems and organizational processes.</span></p><p><span style="font-family:arial, helvetica, sans-serif;">An effective risk management program is essential to the success of any business, large or small, and should be tailored to meet its unique needs and requirements. Risk management creates value, protects the interests of internal stakeholders, manages the expectations of external stakeholders, and contributes to the achievement of goals and objectives.</span></p><p><span style="font-family:arial, helvetica, sans-serif;">Benefit from CRO experiences, industry best practice, and COSO ERM and ISO 31000 to collect findings, consider improvements, and generate a 5-year risk management plan.</span></p><p></p><p><span style="font-family:arial, helvetica, sans-serif;">Click to visit the</span> <a href="https://radar-risk.com/2015/07/introducing-benchmarker-tm/" target="_blank" style="font-family:arial, helvetica, sans-serif;">blog source</a><span style="font-family:arial, helvetica, sans-serif;"> </span></p><p><span style="font-family:arial, helvetica, sans-serif;">at <a href="https://radar-risk.com" target="_blank">Radar Risk Management Company</a></span></p><div class="col col-6 txt-left"><h4><span style="font-family:'arial black', 'avant garde';font-size:1em;" class="font-size-6">How does ERM BenchmarkerTM work?</span></h4><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Assess risk management improvement potential</span></h5><div class="to-accordion-content"><img class="to-sc-image has-anim" src="https://radar-risk.com/wp-content/uploads/2015/07/Benchmarker-TM-Assessment-Summary.png" alt="" width="269" height="157" /></div></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Track your progress along the way</span><br /><br /><img src="https://radar-risk.com/wp-content/uploads/2015/07/benchmarker-status.png" width="268" height="184" alt="benchmarker-status.png" /><br /></h5></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Access ERM domains easily using dashboards</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/All-Capabilities" width="456" height="201" alt="All-Capabilities" /></p></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Capabilities organized per domain</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/Risk-Oversight-Capability.png" width="303" height="328" alt="Risk-Oversight-Capability.png" /></p></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Consult criteria and author guidance</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/Risk-oversight-questionnaire" width="394" height="200" alt="Risk-oversight-questionnaire" /></p></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Consider international best practices</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/COSO-ISO-crosswalk.png" width="371" height="175" alt="COSO-ISO-crosswalk.png" /></p></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Assign the appropriate maturity level</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/Criteria.png" width="470" height="160" alt="Criteria.png" /></p></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Consider future maturity levels</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/Future-improvement-potential.png" width="455" height="147" alt="Future-improvement-potential.png" /></p></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Generate 5-year risk management plans</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/Risk-Management-Plan.png" width="447" height="200" alt="Risk-Management-Plan.png" /></p></div><div class="to-accordion-holder clearfix"><h5 class="to-accordion-title"><span style="font-family:'arial black', 'avant garde';">Evaluate maturity against criteria</span></h5><p><img src="https://radar-risk.com/wp-content/uploads/2015/07/Criteria-Summary1.png" width="466" height="146" alt="Criteria-Summary1.png" /></p><p></p></div></div><div class="col col-6 col-last txt-left"><h4 class="txt-left"><span style="font-family:'arial black', 'avant garde';" class="font-size-6">About the Author</span></h4><p><img class="to-sc-image has-anim" src="https://radar-risk.com/wp-content/uploads/2015/07/Domenic-Antonucci-without-link.png" alt="" width="365" height="333" /></p><p><span>BenchMarker™</span> is authored by Domenic Antonucci, a practicing Chief Risk Officer aligning enterprise-wide risk management (ERM) and project risks for a multi-national construction and manufacturing company operating in up to 64 countries. An Australian expatriate based in Dubai UAE, Domenic specializes in bringing organizations ‘up the ERM maturity curve‘ and building risk practitioner tools for implementing ERM, ISO 31000:2009 and COSO ERM.</p><p><a target="_blank" class="to-button large standard full-rounded to-button-bg to-icon-anim to-button-anim .no-ajaxy" href="https://radar-risk.com/wp-content/uploads/2015/07/Radar-Benchmarker-Guide-May-2015-final.pdf"><span>Learn more about BenchMarker™</span></a></p></div><div class="clear"></div><div class="clear"></div><div class="col col-6 has-anim txt-left"><h4><span style="font-family:'arial black', 'avant garde';" class="font-size-5">ERM BenchMarker™ features</span></h4><ul class="to-list-holder txt-left"><li class="to-list with-icon"><span>Practicing CRO perspectives on risk management capabilities including references to ISO 31000 & COSO ERM.</span></li><li class="to-list with-icon"><span>Performance reports that indicate conformity to ISO 31000 and/or COSO ERM.</span></li><li class="to-list with-icon"><span>A gap analysis of the organization’s existing risk management capabilities compared to a best practices benchmark.</span></li><li class="to-list with-icon"><span>An exportable 5-year risk management plan for future human, technology, finance, information and partner resources needed to execute risk management goals.</span></li></ul></div><div class="col col-6 has-anim col-last txt-left"><h4><span style="font-family:'arial black', 'avant garde';" class="font-size-5">Radar and STP ERM BenchMarker™</span></h4><ul class="to-list-holder txt-left"><li class="to-list with-icon"><span>Provides clear ISO 31000 & COSO ERM crosswalk analysis</span></li><li class="to-list with-icon"><span>Generates 5-year risk management plans based on resource estimates and budget prompts.</span></li><li class="to-list with-icon"><span>Gives expert author commentary and guidance every step of the way.</span></li><li class="to-list with-icon"><span>Offers a questionnaire-based capability model for easy measurement of existing risk management capabilities.</span></li><li class="to-list with-icon"><span>Shows at-a-glance maturity status using predefined, simple criteria.</span></li><li class="to-list with-icon"><span>Delivers 1-2 updates a year to reflect changes to trends, regulations and standards.</span></li></ul></div><div class="clear"></div><div class="clear"></div><div class="col col-6 has-anim txt-left"><h4 class="txt-justify"><span style="font-family:'arial black', 'avant garde';" class="font-size-6">About Radar The Risk Management Company</span></h4><span class="subtitle txt-justify h4">Radar empowers your team and optimizes your business with expert, strategic risk management advice and a commitment to our partnership. Our global customer base include private organizations and the public sector who seek out a top Risk Management partner in Enterprise Risk Management, Security and supporting GRC Technologies. Radar offers a wide range of risk management products and services. We provide independent advice, guidance and consulting in all aspects of risk and security. We excel at specialized education and training tailored to your needs, and our engineers identify, design and advise customers on tender procedures.</span><p>If you would like more information or a demo please <a href="https://radar-risk.com/contact-us/">contact us</a>.</p><p></p><div class="col col-12 has-anim col-last txt-center col-padding col-H1"><h3 class="txt-left"><span style="font-family:'arial black', 'avant garde';" class="font-size-5">Radar Software & Content Subscriptions</span></h3><span class="subtitle txt-left h3">Export your 5-year risk management plan and import it into your Radar Risk Manager Subscription, or other selected project management applications<br /><br /></span></div><div class="col col-12 has-anim col-last txt-center col-padding col-H1"><p><span>Visit our <a class="to-button regular standard full-rounded to-button-bg to-icon-anim to-button-anim" href="https://radar-risk.com/radar-software-subscriptions/">Radar Software Subscriptions Home</a></span><a class="to-button regular standard full-rounded to-button-bg to-icon-anim to-button-anim" href="https://radar-risk.com/radar-software-subscriptions/"></a></p><p><span>Visit our <a class="to-button regular standard full-rounded to-button-bg to-icon-anim to-button-anim" href="https://radar-risk.com/subscriptions/">Radar Content Subscriptions Home</a></span><a class="to-button regular standard full-rounded to-button-bg to-icon-anim to-button-anim" href="https://radar-risk.com/subscriptions/"></a></p><p></p></div><div class="clear-padding"></div><div class="clear-padding"><strong><span style="font-size:1em;"><span style="font-family:'arial black', 'avant garde';" class="font-size-6">About Specialty Technical Publishers</span><br /></span></strong></div></div><div class="col col-6 has-anim col-last txt-left"><span class="subtitle txt-justify h4">Specialty Technical Publishers produces technical resource guides covering environmental, health & safety, transportation, accounting, business practices, standards and law, offering comprehensive guidance on key compliance and regulatory issues. STP is a division of Glacier Media Inc., a Canadian information communications company that provides primary and essential information in print, electronic and online media. Glacier’s Business and Professional Information Group publishes directories, technical manuals, research and development materials, medical education, electronic databases, investment information and specialty websites.</span><p>This risk management program is part of STP’s Audit Suite of tools designed to make EHS auditing and risk assessment easier.<br />STP’s Audit Suite tools allow the user to:</p><ul><li>Easily identify the regulations that apply to the audit.</li><li>Add, customize, and assign importance scores to audit questions based on the organization.</li><li>Build a results report with STP Xcelerator that can be distributed electronically and/or filed.</li><li>Simply and accurately record audit data to show due diligence.</li></ul></div></div>Risk Appetite in IT operationshttps://globalriskcommunity.com/profiles/blogs/risk-appetite-in-it-operations2014-07-21T02:37:27.000Z2014-07-21T02:37:27.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;">Assessing and measuring risk appetite away from an investment portfolio is perhaps one of the most difficult risk management initiatives practitioners have to entertain, it is also discussed often on risk forums and written about avidly by many consulting firms.</span></p><p><span style="font-family:arial, helvetica, sans-serif;">In this article we release a white paper that steps through the entire process of measuring and assessing risk appetite, dealing with the numbers specifically rather than just top level summaries and catch phrases on what risk appetite is.</span></p><p><span style="font-family:arial, helvetica, sans-serif;">The paper can be downloaded from the following [ <span style="color:#0000ff;"><a href="http://goo.gl/Nrxf1F" target="_blank"><span style="color:#0000ff;">LINK</span></a></span> ]</span></p></div>Most Important 7 Standards That Must Be Followed By All IT Companies for Information Security Managementhttps://globalriskcommunity.com/profiles/blogs/most-important-7-standards-that-must-be-followed-by-all-it2014-01-27T08:30:00.000Z2014-01-27T08:30:00.000ZAshly Kristanhttps://globalriskcommunity.com/members/AshlyKristan<div><p>Do you want to attain Information Security Management and looking for the best documentation kit that can help your organization to achieve ISMS certification without making any hard efforts for the same if your answer is yes then you must adopt <b>ISO 27001 manual</b> right now which is a part of standards of Information Security Management Systems or ISMS. The standard was first came into existence in the year 2005 and from that time, this <b>ISO 27001 manual</b> is being preferred more by business entrepreneurs and working organizations of different countries of the world for the purpose of bringing security of information under explicit controlling on organization management.</p><p> <img width="750" src="{{#staticFileLink}}8028226295,original{{/staticFileLink}}" height="197" alt="8028226295?profile=original" /></p><p>The ISO 27001 manual found to be very effective in accomplishing both major as well as minor requirements of information security system and resulted in proper implementation of risk treatments and other relevant information security controls. In fact, it is only with the help of this effective ISO 270001 manual that helps in addressing the risks which are seems to be somehow unexpected in the given system. It is only with an aid of this <b>ISO 27001 manual</b> that any organization can easily <a href="http://searchsecurity.techtarget.in/definition/information-security-management-system-ISMS">examine the information security</a> risk by taking impacts of threats, vulnerabilities and other risk factors into consideration. Organizations can easily attain all necessary controlling on information security by adopting the necessary controls mentioned in this ISO standard.</p><p><b> </b></p><p><b>ISO User Friendly Documentation Kit</b></p><p>The documentation kits that are being offered under ISO 270001 manual and standard to the working organizations are completely user friendly which can be used by them for changing the contents and printing many copies as per organization requirement on achieving ISO standard certification. The contents given in the <b>ISO 27001 manual</b> are easy to edit and one can easily modify the content of documents so as to make their documents compatible to business standards. The documentation format provided in the special documentation kit comprises of readymade Information security system templates along with special sample documents which can help in reduction of both cost as well as precious time on making such readymade <b>ISO 27001</b> audit checklist. Such documentation kits are provided with expertise audit checklist comprising of effective <b>ISO 27001</b> special audit questions prepared by certified experts in the relevant arena so as to gain better controlling on achieving information security system. The audit questions in the audit checklist had been developed under the guidance of professional experts and leading consultants who’ve tested audit questions on information security system with proven formats and templates.</p><p><a href="{{#staticFileLink}}8028226474,original{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}8028226474,original{{/staticFileLink}}" width="331" alt="8028226474?profile=original" /></a></p><p><b> </b></p><p><b>ISO 27001 ISMS is globally verified</b></p><p>The <b>ISO 27001</b> documentation kits prove to very highly effective in making perfect audit checklist and attaining quality management system. In fact, today, it has become the most selling product across the world in the global market by many multinational companies belonging to different fields. The <b>ISO 27001</b> document kit is a globally verified kit which had been evaluated at various levels by the innovative team of ISO Consultant so that it can assist on reaching business goals with ease and comfort. The team members of ISO Consultants are highly innovative in their approach and have thorough experience of more than 20 years on preparing such documentation kit so as to make special value for money.</p><p><b> </b></p><p><b>ISMS Covers and Polices in ISO 27001</b></p><p>The <b>ISO 27001</b> documentation kit is perfect for achieving Information Security System and generally offers ISMS procedures, ISMS, blank and filled sample formats for risk controls, department wide audit checklists, special test plans and Security policies to business organizations so that such industry can achieve the Information Management Security system with covering of standard operating procedures along with complete overview of organization for which such security is needed.</p><p> </p><p>The <b>ISO 27001</b> policies in this document kits offer special guidelines which are very helpful in getting the ISO 27001 Certification with better framing of information security controls. It is generally observed that entire ISO documents is prepared as per the requirements of Information Security Management standard and are given in plain English language so that the business owner may not face any difficulty on making changes on the Information Security as per changing requirements on such information’s. So, make investment on the ISO 27001 certification ISMS documents and make your organization to achieve information security with such leading documents.</p><p> </p><p><b>#Author Bio:</b></p><p><b>Ashly Kristina</b> is a writer and a professional ISO Consultant who loves to write about the Information security management system and <a href="http://www.isoconsultant.us/iso-27001-certifications-standards-manual-documentation-audit-checklist.htm">ISO 27001 manual standards</a> and its procedures. She has written many articles on ISO Certification and CMMI Certifications. Ask more information about ISO <b>ISO 27001</b> at <a href="http://www.isoconsultant.us" target="_blank">www.isoconsultant.us</a>.</p></div>How to Implement ISO 9001 Quality Systemhttps://globalriskcommunity.com/profiles/blogs/how-to-implement-iso-9001-quality-system2014-01-11T10:54:32.000Z2014-01-11T10:54:32.000Zkristanashlyhttps://globalriskcommunity.com/members/kristanashly<div><p></p><p><span class="font-size-3">Running a business in the global marketplace has never been as demanding as it is today. The internet exposure has even given entry level businesses a chance to have global visibility in a very short time. This means increased competition along with endless opportunities and markets. Nevertheless, competition and standing out from the crowd requires a business to create its own value and stay away from clutter. This is done by creating recognition through associations and accreditation's like the ISO quality management certification.<a href="{{#staticFileLink}}8028226084,original{{/staticFileLink}}"><img class="align-full" src="{{#staticFileLink}}8028226084,original{{/staticFileLink}}" width="290" alt="8028226084?profile=original" /></a></span></p><p></p><p><span class="font-size-3"><b><u>Why You Should Have an ISO Certification?</u></b></span></p><p><span class="font-size-3">ISO certification is not something that belongs only to large corporations but can also be earned by small businesses, because it has little to do with the size of the business. This is a means of attaining a recognition for maintaining quality management documentation standards which are possible for any on-going business. It requires following an ISO quality management manual to be successful. It is imperative to realize that this is required to be successful in any area of business and it is very much pragmatic for you.</span></p><p></p><p><span class="font-size-3"><b><u>Your Commitment</u></b></span></p><p><span class="font-size-3">Starting from informal business documentation in a standardized manner of documentation is a tedious job and requires management commitment to make it possible. These standards tend to add to the workload, most of which may seem to be less fruitful for now. Instead every document will answer to those difficult questions external auditors ask when doing their audit. This is an implementation that is easier on earlier as opposed to very large businesses. Business and customer relationships are critical and this is one of those factors that reflect what business owners expect from their system.</span></p><p></p><p><span class="font-size-3"><b><u>Starting Up</u></b></span></p><p><span class="font-size-3">A convenient way to begin a quality management system is to install software that will function like Enterprise Resource Planning software for your business. It will enable you to put in all those data that you already know and put it in the form of readable information that can be made available for every department or person in-charge. This is a process-oriented approach which begins by putting all details on paper for the first time for every department, such as:</span></p><ul><li><span class="font-size-3">Purpose</span></li><li><span class="font-size-3">Scope</span></li><li><span class="font-size-3">Responsibility</span></li><li><span class="font-size-3">Description of Activities</span></li><li><span class="font-size-3">Reference</span></li><li><span class="font-size-3">Enclosures</span></li><li><span class="font-size-3">Formats/Exhibits</span></li></ul><p><span class="font-size-3">Every process begins from the order a customer places to the finished good that is shipped to the customer. In the process there are requirements for input and requirements for processing which includes purchasing, monitoring, measuring, quality checks, and complaints. These requirements are controlled by procedures which form a quality management system. A quality assurance manager oversees these tasks and ensures that an improvement plan is in place in case of any defect.</span></p><p></p><p><span class="font-size-3"><b><u>ISO 9001 Analysis</u></b></span></p><p><span class="font-size-3">The <b>ISO 9001 manual</b> analysis is done by assimilating data and statistics in to meaningful information which is also called process mapping. It is just how product behavior, characteristics, process and customer satisfaction as well as supplier performance come along over a period of time. This form of information allows managers to make evidence-based decisions on choosing their next step for choosing a supplier, customer relationship management or resource management. This information is generally described in the form of pictorial charts and statistic measurements like mean, standard deviation and graphs.</span></p><p></p><p><span class="font-size-3"><b><u>High Quality System Documentation</u></b></span></p><p><span class="font-size-3">Quality system documentation demands that there has to be an evidence for a step taken before any decision. This evidence enables informed decisions to take place. Companies maintain categorized folders that carry all forms of support documentation including correspondence that is taken between the parties. Likewise, systems involved in planning and manufacturing processes are also backed by logs that are maintained by computers in the background.</span></p><p></p><p><span class="font-size-3" style="text-decoration:underline;"><em><strong>###</strong></em></span></p><p></p><p><span class="font-size-3">Myself Kristan Ashly and I am professional ISO Consultant. I love to share my experience <a href="http://www.isodocumentationtemplate.com/iso-procedures-17025-22000-27001.htm" target="_blank">about ISO Procedures</a> in Blogging. I help my clients for ISO <span class="font-size-3">Certification</span>. If you want to take your company to the next level you must grab maximum information about <a href="http://www.isodocumentationtemplate.com/" target="_blank">ISODocumentationTemplate.com</a>.</span></p></div>ISO 31000 supporting Basel IIhttps://globalriskcommunity.com/profiles/blogs/iso-31000-supporting-basel-ii2013-01-13T02:41:25.000Z2013-01-13T02:41:25.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">On the G31000 LinkedIn risk forum, we have decided to open up a new "chat room" that is dedicated to the application of the ISO 31000 enterprise risk management standard to Banking, Insurance, Supply Chain Finance, Markets and Investment.</span></p><div class="separator"><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">The link for the new group can be found by clicking the [<span style="color:#0000ff;"><a href="http://www.linkedin.com/groups?gid=4790373&trk=myg_ugrp_ovr" target="_blank"><span style="color:#0000ff;">Link here</span></a></span>].</span></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><br />In this blog posting however, we are going to consider whether ISO 31000 is compatible with Basel II from the outset, [<span style="color:#0000ff;"><a href="http://causalcapital.blogspot.sg/2013/01/iso-31000-supporting-basel-ii.html" target="_blank"><span style="color:#0000ff;">Link here</span></a></span>].</span></div></div>Do risk frameworks resolve or drive dispute?https://globalriskcommunity.com/profiles/blogs/do-risk-frameworks-resolve-or-drive-dispute2012-11-02T07:40:49.000Z2012-11-02T07:40:49.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">The question today is, does the use of a risk framework such as the one proposed under ISO 31000 reduce risk management disputes between managers in a company?</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">A possible upside we look for once a risk framework is in full operation, is an improvement in the sharing of risk knowledge and business intel. It could of course go the other way as well; where the risk framework actually does more harm than good and drives bickering or discontinuity between departmental managers?</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">What did the G31000 forum vote for in our poll, well just in the last twenty-four hours that is?</span></p><p><span style="color:#0000ff;"><a href="http://causalcapital.blogspot.sg/2012/11/resolving-risk-disputes.html" target="_blank"><span style="color:#0000ff;">Continue reading at this link</span></a></span></p></div>MANAGING UNCERTAINTY IN ORGANISATIONS AND ENHANCING ORGANISATIONAL ‘FITNESS’ USING ISO 31000RX DIAGNOSTIC RISK ASSESSMENTShttps://globalriskcommunity.com/profiles/blogs/managing-uncertainty-in-organisations-and-enhancing2012-10-13T10:00:00.000Z2012-10-13T10:00:00.000ZDean Myburghhttps://globalriskcommunity.com/members/DeanMyburgh<div><p>In their new book <i>Beyond Performance: How Great Organizations Build Ultimate Competitive</i> <i>Advantage (2011),</i> McKinsey senior partners Scott Keller and Colin Price make some interesting observations about organisational transformation and the achievement of excellence.</p><p>Leaders wanting to „beat the odds‟ must find answers to questions related to:</p><ul><li>Dramatically (and quickly) improving the organisation‟s performance</li><li>Avoiding the pitfalls of transforming an organisation</li><li>Ensuring that performance improvements will last</li><li>Creating a culture of continuous change for sustained competitive advantage</li></ul><p>In answering these questions, the book offers some counter-intuitive insights about what matters for success. A few of these are useful in thinking about and addressing uncertainty and dealing with risk and opportunity in organisations:</p><p>To sustain high performance, give equal attention to performance and the organisation's health (or 'fitness')</p><p>The 'soft stuff' can (and should) be managed as rigorously as the 'hard stuff', i.e. tools to measure and manage health (fitness) should be applied by any leader who wants to succeed in making change happen.</p><p>A more rigorous understanding of health (fitness) facilitates organisations‟ understanding of how management practices complement - or impede - one another.</p><p>It's clear that 'best practices' don't work in a vacuum, and that's why trying to replicate them in other organisations consistently fails to deliver 'best performance'.</p><p>Common sense and the so-called rational, logic-driven approaches to creating organisationwide change are open to bias. How to overcome this is a challenge for organisation change both in the general sense, but also for risk management implementation. Diagnostic risk assessment offers a way of doing this.</p><p><b> </b><b> </b></p><p><b>The Risk Management implementation dilemma and the role of Diagnostic Risk</b> <b>Assessment</b></p><p>Risk consulting practitioners and internal risk facilitators work hard to implement risk management improvement initiatives. Various aspects of ISO 31000 fuel the debates about implementation issues and challenges. As a Standard, ISO 31000 is an excellent document. It describes the 'what' of risk management best practice, but (not unexpectedly) does not set out the 'how' (Standards seldom describe the 'how' in any detail). So, what do we do to facilitate the 'how' from a diagnostic risk assessment perspective?</p><p><a href="{{#staticFileLink}}8028223091,original{{/staticFileLink}}"></a> </p><p><a href="{{#staticFileLink}}8028223091,original{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}8028223091,original{{/staticFileLink}}" width="122" height="110" alt="8028223091?profile=original" /></a>Diagnostic risk assessments and an organisation development approach offer the opportunity to 'unpack' the ISO 31000 for consideration, discussion and action planning in organisations.</p><p> </p><p>Using this approach, those involved in risk management implementation initiatives in organisations are able to provide advantages that are time-saving, cost-saving, performance-(or 'fitness'-) focused and repeatable (future benchmarks, either internally or by sector).</p><p> </p><p>According to Keith Philips, CEO of QLBS.com (refer to <i>A Disruptive Technology for the</i> <i>Consultancy Practice</i>), the time has arrived to move from antiquated survey-based and other approaches to dynamic diagnostic consulting approaches using cloud-based and online self-assessments.</p><p>The cloud-based approach supports the diagnostic and consultancy process by:</p><ul><li>capturing Best or desired Practice</li><li>converting them into diagnostic tools</li><li>enabling measurement of current practice against desired practice</li><li>visualization of strengths and opportunities for improvement</li><li>facilitating action planning and automating report writing</li><li>managing the Diagnostic Consulting process across the organisation / practice</li><li>capturing the client interaction in databases for monitoring progress</li><li>aggregating data for cluster analysis, benchmarking and development</li><li>systematic development of action plans</li><li>enabling the monitoring of improvement through dashboards</li></ul><p>The future consultancy (internal or external) will have a professional diagnostics capability in which future and best practices can be shared across the consultancy and its clients. Recommendations will be developed quickly and execution monitored. This will aide faster learning, aggregating and storing knowledge quicker, and sharing of knowledge more widely internally and externally. All of this is designed to be part of the organisation's continuous improvement systems.</p><p><b> </b></p><p><b>The Benefits of Diagnostic Risk Assessment</b></p><p>Feedback from organisations using the Diagnostic approach includes the advantages of being able to see the areas needing improvement and get on top of the issues. Using the methodology supporting the diagnosis ensures the execution of action plans for improvement.</p><p> <a href="{{#staticFileLink}}8028212896,original{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}8028212896,original{{/staticFileLink}}" width="300" height="166" alt="8028212896?profile=original" /></a> </p><p>For risk consultants and internal facilitators, the Diagnostic approach offers the opportunity to provide a professional, well-structured, leading edge, engaging approach. Automated processes enable faster reports and dashboards to support the implementation of improvement initiatives.</p><p>Within sectors or industries, there is an opportunity, over time, to develop greater industry knowledge, capturing all client or organisational interactions and building industry databases for trend, cluster and benchmarking reports.</p><p> </p><p> </p><p>The Diagnostic Assessment approach has been applied to ISO 31000 to support the ISO31000Rx (a risk management index) that enables organisations to measure their risk management practices, processes and approaches to guide risk management action planning and improvements. This forms part of the organisation‟s drive towards 'fitness' and as part of a continuous improvement process.</p><p><a href="{{#staticFileLink}}8028223655,original{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}8028223655,original{{/staticFileLink}}" width="197" alt="8028223655?profile=original" /></a></p><p>Achieving sustained high performance and organisational 'fitness' means focusing on uncertainty in a structured way to address risks and opportunities (the things that will promote or detract from the achievement of objectives). In the words of Keller and Price, both the 'soft stuff' and the 'hard stuff' needs to be addressed. The principles contained in ISO 31000 include both 'hard' and 'soft' aspects. The challenge is to address these in a balanced way to make lasting improvements and move the organisation forward.</p><p>Diagnostic Risk Assessment using ISO 31000Rx helps organisations to understand how risk management practices complement - or impede - one another.</p><p> </p><p> </p><p> </p><p> Go to the <a href="http://globalriskcommunity.com/group/iso-31000-implementation-group/forum/topics/recorded-webinar-series-od-and-diagnostic-approaches-to">ISO 31000Rx Diagnostic Risk Forum</a> to access a Webinar series on the above topics and consider joining this Group.</p><p> </p><p><b><i>Dr Dean Myburgh, Associate - QLBS.com, Director: 80-20 Options NZ Ltd.</i></b></p></div>Understanding risk appetitehttps://globalriskcommunity.com/profiles/blogs/understanding-risk-appetite2012-09-05T17:24:37.000Z2012-09-05T17:24:37.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span class="font-size-2" style="background-color:#FFFFFF;font-family:arial, helvetica, sans-serif;font-size:13px;">Risk Appetite is loosely defined as "the affinity a person has for taking risk when attempting to meet a specific objective".</span></p><p><span class="font-size-2" style="background-color:#FFFFFF;font-family:arial, helvetica, sans-serif;font-size:13px;">This concept of risk appetite differs from person to person or business to business and interestingly you will find that a person's risk appetite changes as they age.</span></p><p><span class="font-size-2" style="font-family:arial, helvetica, sans-serif;">In this blog we look at risk appetite; what it is, where it has been used and why it is important.</span></p><p><span class="font-size-2" style="font-family:arial, helvetica, sans-serif;">[ <span style="color:#0000ff;"><a href="http://causalcapital.blogspot.sg/2012/09/understanding-risk-appetite.html" target="_blank"><span style="color:#0000ff;">Click here to continue reading</span></a></span> ]<br /></span></p></div>Risk charting and bubble chartshttps://globalriskcommunity.com/profiles/blogs/risk-charting-and-bubble-charts2012-08-18T04:30:00.000Z2012-08-18T04:30:00.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Perhaps ten years ago, reporting risk profiles or organisational threats was a challenging thing to do for many risk analysts on the job and while the majority of risk reports were fundamentally ordinary, it became apparent quite quickly that a simple list of hazards was never going to cut it.</span><br /> <br /> <span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">In this blog we look at an emerging era of risk reporting.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><span style="color:#0000ff;"><a href="http://causalcapital.blogspot.sg/2012/08/risk-charting-and-bubble-charts.html" target="_blank"><span style="color:#0000ff;">Click here to continue reading</span></a></span><br /></span></p></div>Using the ROC method to optimize controlshttps://globalriskcommunity.com/profiles/blogs/using-the-roc-method-to-optimize-controls2012-08-13T11:00:00.000Z2012-08-13T11:00:00.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">In the world of risk, analysts and managers alike try to reduce the likelihood of an event occurring by inserting controls between the event's driving factors and its outcome.</span></p><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">While the logic around this is sound, not all controls are equal and more often than not, some key risk indicators emit erroneous measures which mislead entire risk teams.</span></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"> </span></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">In this short post, we look at a method for weeding out erroneous control signals.</span></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"> </span></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><span style="color:#0000ff;"><a href="http://causalcapital.blogspot.com/2012/08/roc-control-optimization.html" target="_blank"><span style="color:#0000ff;">Click here to continue reading</span></a></span></span><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><br /></span></div></div>ISO 31010 and Loss Modelinghttps://globalriskcommunity.com/profiles/blogs/iso-31010-and-loss-modeling2012-08-06T07:55:37.000Z2012-08-06T07:55:37.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">One of the most concerning trends that continually persists in operational risk management, is the lack of interest from analysts to attempt to quantify this risk exposure coherently.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">In this blog we look operational risk from the perspective of the normal and the extreme.</span></p><p><span style="color:#3366ff;font-family:arial, helvetica, sans-serif;" class="font-size-2"><a href="http://causalcapital.blogspot.sg/2012/08/iso-31010-and-loss-modeling.html" target="_blank"><span style="color:#3366ff;">Click here to continue reading</span></a></span></p><p></p></div>ISO 31000 for Property Developmenthttps://globalriskcommunity.com/profiles/blogs/iso-31000-for-property-development2012-07-26T09:30:00.000Z2012-07-26T09:30:00.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">In this short journal post, we share a presentation that reviews some of the problems of risk management in property development, how risk management currently functions in this industry sector and why it would be advantageous to adopt ISO 31000 in property development.</span></p><p><span style="color:#0000ff;font-family:arial, helvetica, sans-serif;" class="font-size-2"><a href="http://causalcapital.blogspot.sg/2012/07/iso-31000-for-property-development.html" target="_blank"><span style="color:#0000ff;">Click here to continue reading</span></a></span></p></div>Retrofitting ISO 31000https://globalriskcommunity.com/profiles/blogs/retrofitting-iso-310002012-07-13T06:00:00.000Z2012-07-13T06:00:00.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Should we retrofit ISO 31000 to become the umbrella for enterprise risk management?</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">ISO 31000 has two key issues for integration in the enterprise. The first is an accidental creation of conflict from the ISO standards board, the other is a missed oversight on what is happening on the ground. </span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">In this blog we take a look at both of these problems [ <span style="color:#3366ff;"><span style="color:#3366ff;"><span style="color:#0000ff;"><a href="http://causalcapital.blogspot.sg/2012/07/retrofitting-iso-31000.html" target="_blank"><span style="color:#0000ff;">Click link to continue reading</span></a></span> <span style="color:#000000;">]</span></span></span></span></p></div>ISO 31004 Wishlisthttps://globalriskcommunity.com/profiles/blogs/iso-31004-wishlist2012-06-28T03:14:10.000Z2012-06-28T03:14:10.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">The International Organisation for Standardization is about to enter into a trial review for its ISO 31004 guide. Meanwhile, the risk community is generally aware of what it seems to struggle with and the world of risk knows that certain aspects of risk management are simply not verbose enough in ISO 31000.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">So then, perhaps it's time to write up our own ISO 31004 wishlist for solving the Achilles' Heel in <span>ISO 31000</span>.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">The 50 wishes for ISO 31004 can be viewed by <span style="color:#0000ff;"><a href="http://causalcapital.blogspot.sg/2012/06/iso-31004-wishlist.html" target="_blank"><span style="color:#0000ff;">clicking this link</span></a></span></span></p></div>Risk Leadership: Managing Risk to the Right Objectiveshttps://globalriskcommunity.com/profiles/blogs/risk-leadership-managing-risk-to-the-right-objectives2012-06-27T05:35:12.000Z2012-06-27T05:35:12.000ZBryan Whitefieldhttps://globalriskcommunity.com/members/BryanWhitefield<div><p>We define risk as "the effect of uncertainty on objectives" (ISO 31000), however how often do we stop and ask if we have the right objectives in the first place? On what basis were they formed? When were they developed? Have times changed? In my experience facilitating risk workshops, often a poor or even incorrect set of objectives is the "elephant in the room" for the management team. <span style="font-weight:bold;">Here are some tips for ensuring you have the right objectives:</span></p><p><b><span style="line-height:115%;font-size:8pt;"> </span></b><span style="font-weight:bold;">Stakeholder Analysis</span> - Identify your stakeholders, group them to keep them manageable, analyse them. What are the positive elements of their views of us? What are the negative elements? How important are they? <span style="font-weight:bold;">The key question here is whether your objectives align with those of your key stakeholders.</span><br clear="none" /><br clear="none" /><span style="font-weight:bold;">Macro Environment</span> - There are many options for this, however, a favourite of mine is PEST which explores the Political, Economic, Social and Technology factors affecting the organisation or project. <span style="font-weight:bold;">If here you identify significant threats or opportunities that are not covered by your objectives you may need to adjust them.</span><br clear="none" /><br clear="none" /><span style="font-weight:bold;">Industry Analysis</span> - A powerful tool for analysis of the competitive forces in an industry is Porter's Five Forces. Although designed for industry analysis, it can be easily adapted to assess the internal competing forces within government or within an enterprise. <span style="font-weight:bold;">You may find that your objectives are too ambitious or not ambitious enough.</span><br style="font-weight:bold;" clear="none" /><br clear="none" /><span style="font-weight:bold;">Internal Analysis</span> - For this analysis I prefer one of my own tools, <a style="font-family:arial;color:#1c1c1e;" href="http://www.rmpartners.com.au/~Link-1400~" target="_blank">RMP's Five Building Blocks</a> which is the basis of <a style="font-family:arial;color:#1c1c1e;" href="http://www.rmpartners.com.au/~Link-1402~" target="_blank">RMP's risk management maturity model, the RMP Healthcheck</a>. RMP's five building blocks are: Strategy linked to Performance, People linked to Knowledge, Processes linked to Systems, Assets linked to Liabilities and all supported by Organisational Culture. <span style="font-weight:bold;">Once again, if you have key strengths or weaknesses that were not recognised when your o</span><span><b>bjectives were set you may need to rethink them.</b></span></p><p> </p><p><span><b><a href="http://www.rmpartners.com.au/">www.rmpartners.com.au</a></b></span></p><p> </p></div>Why perceptions in objectives are important for risk managershttps://globalriskcommunity.com/profiles/blogs/why-perceptions-in-objectives-are-important-for-risk-managers2012-06-01T19:53:03.000Z2012-06-01T19:53:03.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">If we assume risk management is actually formalised within an institution, then a firm might do well to perhaps consider embedding decision making and appetite into their risk enterprise framework.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">A look into why it is so hard to comprehend risk appetite and five tips which improve the quantification of risk appetite on objectives.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><span style="color:#0000ff;"><a href="http://causalcapital.blogspot.com/2012/06/perception-in-objectives.html" target="_blank"><span style="color:#0000ff;">Click here to continue reading</span></a></span>.</span></p></div>ISO 31000 for bankshttps://globalriskcommunity.com/profiles/blogs/iso-31000-for-banks2012-05-17T15:30:00.000Z2012-05-17T15:30:00.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">A presentation on ISO 31000 for banks.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">A presentation that looks at ISO 31000 in the banking domain. Why ISO 31000 is compatible with Basel, why ISO 31000 can value-add a Basel risk framework.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><font face="arial, helvetica, sans-serif">The presentation attached to this [ <span style="color:#ff0000;"><a href="http://causalcapital.blogspot.com/2012/05/iso-31000-for-banks.html" target="_blank"><span style="color:#ff0000;">link</span></a></span> ] will be delivered at the ISO 31000 conference in Paris on 21st and 22nd of May 2012.</font></span></p></div>10 Reasons Why Your Enterprise Risk Management Program Wont Workhttps://globalriskcommunity.com/profiles/blogs/10-reasons-why-your-enterprise-risk-management-program-wont-work2012-04-09T07:12:01.000Z2012-04-09T07:12:01.000ZJames Fieldhttps://globalriskcommunity.com/members/JamesField<div><p>This is a copy of the latest CompliSpace blog orginally published at <a href="http://http//complispace.wordpress.com/2012/04/04/10-reasons-why-your-enterprise-risk-management-program-wont-work/" target="_blank">http://http://complispace.wordpress.com/2012/04/04/10-reasons-why-your-enterprise-risk-management-program-wont-work/</a>. Would love to get your feedback.</p><p></p><p>In our last blog post we boldly asserted <a href="http://wp.me/pEt1M-kd">“If You’re Not Practicing Enterprise Risk Management You Should Be”</a>.</p><p>So it was with great interest that we came across an article in Risk Management Magazine titled “<em><a href="http://www.riskmagazine.com.au/article/is-erm-failing-126212.aspx">Is ERM Failing?</a></em>” which basically summarised the finding of a <a href="http://www.pwc.com/en_US/us/risk-assurance-services/internal-audit/publications/assets/pwc-2012-state-of-internal-audit-survey.pdf">2012 PwC report</a> that found that while 74% of executives who responded to the survey had a formal Enterprise Risk Management process in place, only 45% said that they were comfortable with how well their most critical risks were being managed.</p><p>So this got us thinking. Is ERM Failing? Well we believe the answer to that question is a resounding NO. ERM works just fine, if you know what you are doing. The title to the Risk Magazine article really should be “Is Management Failing to Properly Implement ERM?” because that is the root of the problem.</p><p>So, as to put our money where our mouth is, we thought we would scribble down our Top 10 reasons why ERM programs won’t work. And because we have already taken about 250 words just to position this blog we are going to publish a blog series which gives more detail to each ERM problem area as we see it.</p><p>We are also asking for reader contributions so we can build out a definitive list, which may help others avoid falling into the traps of their predecessors. Once we have built out the list, for a bit of fun we will rank the Top 10 … or even Top 20 if we can get some social media interaction going.</p><p>So to get the party started here, in no particular order, are our Top 10 reasons ERM programs won’t work. As the blog series is published we will add hyperlinks to this blog so you will be able to link from each heading to another blog which contains a more detailed analysis of the issue raised.</p><p><strong>No. 1 – Leadership & Culture</strong> – Simply put, enterprise risk management won’t work in an organisation that does not have a participative management culture that encourages open debate and allows individuals to raise risks without fear of retribution. Organisations that stifle debate and leaders that surround themselves with Emperor’s New Clothes style “yes men” are doomed to fail … eventually.</p><p><strong>No. 2 – Excel Spreadsheets</strong> – We have been screaming about this issue for years. We wish we had a dollar for every organisation that we have seen that has spent considerable time and energy in running risk workshops and building frameworks only to have all their risks end up on a static excel spreadsheet (or worse in a Word document) … and then in a year or two’s time work out that the whole ERM effort was an enormous waste of time and effort. Excel spreadsheets don’t work in an ERM context. Using GRC (Governance, Risk, Compliance) software is a must.The trick is to understand what to look for in GRC software. In our experience “expensive” does not equal “better”.</p><p><strong>No. 3 – Compliance Focus</strong> – Many regulators now require organisations to implement risk management systems. Think financial services, AML/CTF, work health and safety, environmental impact statements, publicly listed entities. The problem, as we see it, is that many organisations have a very limited view of risk management, which is derived from the fact that it was first introduced as a compliance necessity. Many executives in these organisations appear satisfied having thrown a few risks on an excel spreadsheet (aka a “Risk Register”) and having a document titled “Risk Management Program”. In fact they will often have multiple risk registers (to satisfy different regulators), none of which talk to each other and none of which add any value to the organisation. Unfortunately the sense of satisfaction of these executives is often fulfilled by regulators who rarely enforce their own risk requirements. By way of example, neither ASIC or the ASX require independent verification of the fact that an organisation’s risk program is actually working.</p><p><strong>No. 4 – Common Risk Language</strong> – Without a clear and deep set of risk classifications that cover all of the types of risks that an organisation may face, it is a simple fact that most organisations will miss key risks and they will then probably end up building out a risk register minus the greatest risks the organisation faces. In this case your ERM program will be meaningless to your directors and key executives, and will be doomed to fail. In a later blog, we will explain how an organisation can use multiple risk languages to satisfy its desire to control both micro and macro risks.</p><p><strong>No. 5 – Diamonds in the Sand</strong> – Ultimately, it will be the board of directors and senior executive team who determine whether or not they see any value in ERM. And you don’t have to be Einstein to work out that to get them engaged you need to provide a short but sharp (no more than 15-20) list of risks that are truly reflective of your organisation’s risk profile. These risks may be strategic, operational or financial. They may come from left field, or be derived from micro risk sources within your organisation. The challenge for those responsible for managing risk is to identify the “Diamonds in the Sand”. In our experience, the vast majority of organisations have not learnt the art of finding and delivering the diamonds.</p><p><strong>No. 6 – Over Quantification</strong> – Pick up just about any text book on Enterprise Risk Management and somewhere along the way you will come up against a set of mathematical formula that will make you feel inadequate. We know that maths geeks do, sort of, rule the world (think Google algorithms and hedge fund managers) however when it comes to ERM there’s something the maths geeks can’t deal with and that is … “people”. In our view, ERM is all about management and getting the right information into the hands of managers so they can make the right decisions. You can do it without having a PHD in maths.</p><p><strong>No. 7 – The Chasm Between Risk Practitioners & GRC Software Vendors</strong> - Has anyone else noticed the chasm between risk management practitioners (consultants and internal resources) and GRC software vendors? The usual scenario is that the practitioner is called in, runs a workshop and develops a risk framework, a risk register and a flashy heat map, without reference to how the framework will actually work on an ongoing basis, which includes linking with internal control and incident management systems. The organisation then approaches GRC vendors to make the system come alive. GRC vendors sell systems. They will give you training on how their system works. However, they will presume that you have all the necessary content, skills and expertise to automate your paper based system. In our experience, for ERM to work effectively, the risk framework needs to be designed and documented with the GRC software solution at front of mind.</p><p><strong>No. 8 – Vision, Planning & Silos</strong> – This is pretty much the difference between the old Australian Risk Management Standard AS/NZ 4360 and the ISO 31000 International Risk Management Standard. Whereas AS/NZ 4360 focused purely on the seven step risk management process, ISO 31000 makes it clear that for the Risk Management Process to work it needs to be developed within an ERM framework and this framework requires, up front, a clear mandate and commitment from directors and senior executives within an organisation. Unfortunately, organisations often attempt to build risk systems without really understanding their ultimate goal in terms of return on investment (ROI). Without clear vision and planning, they end up with what we call “Shanty Town Governance” which is reflected in organisations that have multiple risk based programs (e.g. ERM, Business Continuity, Workplace safety, Fraud Control, AML/CTF) which have been built on a standalone basis. With clear vision and planning, organisations will invest and persist in developing an ERM program which will deliver ROI in spades. If you want a detailed explanation as to the differences between AS/NZ 4360 and ISO 31000 you might want to read our 2010 blog <a title="The New International Risk Management Standard AS/NZ ISO 31000 – What You Need To Know" href="http://complispace.wordpress.com/2010/05/19/the-new-international-risk-management-standard-asnz-iso-31000-%E2%80%93-what-you-need-to-know/">The New International Risk Management Standard AS/NZ ISO 31000 – What You Need To Know</a></p><p><strong>No. 9 – Linking Strategic Objectives</strong> – ERM is all about enabling directors and executive managers to effectively predict future events, and prepare their organisations for the impact of these events. ERM will not add value unless it is clearly linked to the strategic goals and objectives of your organisation. After all, it is your strategic goals and objectives which dictate the future direction of your organisation and provide guidance as to the likely source of key risks.</p><p><strong>No. 10 – Risk Articulation & Granularity</strong> – The art of properly articulating risks is rarely mentioned however it is a major point of confusion, and ultimately ERM failure, in many organisations. At a basic level we often see risk registers where the described risk is actually a consequence. In others, the description of the risks is simply a statement which does not describe a particular risk event and therefore is not capable of being analysed in terms of likelihood and consequence. Then we have the issue of granularity. Organisations often get bogged down in micro risks, or conversely only articulate a handful of macro risks. Getting the balance right will depend on the nature and complexity of the organisation.</p><p><strong>And finally…</strong></p><p>Some more problem areas to think about: poor visibility and integration of internal policies and procedures, poor internal communication of risk, lack of internal risk training for directors and executive managers, poor understanding of risk maturity concepts.</p><p>Hopefully organisations that are either in the process of implementing an ERM program, or are not comfortable with how their ERM programs are performing, will find some food for thought in this blog. For risk practitioners reading this, please send us through your comments and ideas.</p></div>ISO 31000 and Objectiveshttps://globalriskcommunity.com/profiles/blogs/iso-31000-and-objectives2012-03-10T05:00:00.000Z2012-03-10T05:00:00.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">ISO 31000 is becoming a popular risk framework, a credible alternative for COSO and many organisations across the planet are now selecting this approach for formalizing their internal risk programs directly. Actually, ISO 31000 is probably taking the lions share of market interest for risk management at present and that isn't such a bad thing.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><font face="arial, helvetica, sans-serif">One aspect that sets ISO aside from many other risk frameworks in use, is its clear delineation yet connection between an objective and the objectives uncertainty. In this article we take a brief look at this relationship.</font></span></p><p><span style="color:#ff0000;font-family:arial, helvetica, sans-serif;" class="font-size-2"><a href="http://causalcapital.blogspot.com/2012/03/iso-31000-and-objectives.html" target="_blank"><font face="arial, helvetica, sans-serif"><span style="color:#ff0000;">Click here to continue reading</span></font></a></span></p></div>COSO & ISO 31000 Exposure Valuationhttps://globalriskcommunity.com/profiles/blogs/coso-iso-31000-exposure-valuation2012-02-10T08:46:48.000Z2012-02-10T08:46:48.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Is ISO 31000 going to make the risk quantification mistakes that COSO did?</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">I have been following various debates on quantifying operational risk exposure on linked-in and elsewhere on the internet in the backdrop of risk standards such as COSO and ISO 31000.</span></p><div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">What is a little disappointing is that it appears we might be falling into the same trap with ISO 31000 as the world has already done with COSO. </span></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><br /></span></div></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">Let's take a look at the single problem around: What is the value of risk from an event?</span></div><div><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2"><br /></span></div><div><a href="http://quantogate.blogspot.com/2012/02/coso-iso-exposure-valuation.html" target="_blank"><font face="arial, helvetica, sans-serif">Read more by clicking here</font></a></div><p><span><br /></span></p></div>New ISO Standard ISO 10674 for Credit Rating Agencieshttps://globalriskcommunity.com/profiles/blogs/new-iso-standard-iso-10674-for2011-04-02T13:00:00.000Z2011-04-02T13:00:00.000ZMartin Davieshttps://globalriskcommunity.com/members/MartinDavies92<div><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">The International Organisation for Standardization has recently published a new ISO standard that targets rating agencies specifically. It announced this release on the 30th of March 2011 and is classifying the Credit Rating Agency Standard as a unique set of requirements labelled ISO 10674. In this article we are briefly going to look at what this standard aims to achieve, why it has come into existence and how it will be game changing for the credit rating agencies.</span></p><p><span style="font-family:arial, helvetica, sans-serif;" class="font-size-2">More can be found by following <a href="http://tinyurl.com/3zwvvct" target="_blank" style="font-family:arial, helvetica, sans-serif;">this link</a></span></p></div>