Federal and state regulatory compliance requirements have grown exponentially and touch all operational areas. Compliance has become very complex and expensive, with extensive new regulations, multiple overlapping information sources, and operational impacts that are difficult to identify and track. Financial institutions typically manage compliance workflows manually, which is difficult in multi-branch or interstate operations and across multiple lines of business. As a result, compliance an
Risk management is not about absolutes; it is about using a consistent analysis framework for balancing risk and cost on a common basis across the enterprise. Yesterday's announcement by the Transportation Security Administration (TSA) of their adoption of a risk-based approach is a long-awaited practical application of enterprise risk management to security.
As of April 25, 2013, the TSA will allow small pocketknives and an array of sporting equipment -- banned from aircraft cabins in the wake of t
The past three years have seen a number of man-made and natural disasters bring risk management demands to the forefront of executives and board directors. Fat-tail risks that have a low probability, but a very high impact to the organization, such as the Japanese tsunami, the Gulf of Mexico oil spill or the euro-zone liquidity crisis, have been front and center, creating a renewed interest in enterprise risk management (ERM) practices.
John Brown, Director, Risk Management, Supply Chain & Techni
This week I faced the ultimate personal test of my risk management skills, where I had to soul search: “Do I practice what I preach as an ERM expert?” Sunday, the night before the storm of the century, Hurricane Sandy, hit, I had tickets to fly to Texas as a speaker and expert on ERM. What would become of my home and family? Had I applied the same risk principles in my work as a CEO of the leading enterprise risk management software company in my personal life? Had I put a personal business c
In my last blog and On-Demand Webinar “Presenting Risk Management to the Board,” I was asked for help identifying government regulations that hold Boards responsible for Enterprise Risk Management (ERM) compliance.
Definition: First some background, the SEC Proxy Disclosure Enhancements rule defines ERM compliance as extending the board's role in risk oversight to the threshold of material impact of the risk regardless of the level. Boards of Directors were previously only responsible for CEO- le
The first shoe to drop was government regulations holding the Board of Directors personally responsible for the effectiveness of enterprise risk management programs at their organizations. Boards are given a choice between proving their risk management programs are effective or disclosing their ineffectiveness in risk management to the public. If they do neither, it is considered fraud, as not knowing about a risk is no longer a defense.
What does enterprise risk management effectiveness mean? No
A chemical plant explosion in Japan on Sunday shows the consequences of poor risk management in a really personal way. The Nippon Shokubai Co. produces a chemical that is a critical link in the supply chain for one-fifth of all the world's diapers. A diaper shortage is expected.
One, where was the risk management program to prevent the explosion? As is always the case with these things, in the next 6 weeks, evidence of an employee warning their management about conditions that could result in an explosion
The past 24 months have seen a number of man-made and natural disasters bring risk management demands to the forefront of executives and board directors. Whether these have been natural disasters, such as the Japanese tsunami, or man-made disasters, such as the Gulf of Mexico oil spill, fat-tail disasters have created a renewed interest in enterprise risk management (ERM) practices.
Although demand for these practices and the discussion level for their use is high inside the C-suite of many corpor
Project change management involves new IT systems, new products, and new markets, or reacting to a change in the business environment, such as regulatory or competitive actions. Project risk management is about identifying new risks or changes in the threat level of existing business processes. The challenge for project managers is how to get teams, functional areas, business processes, systems, and vendors aligned to new goals; moreover, how to get the needed transparency into the activities th
The goal of every ERM program is to assess material risk down to where the risk activity takes place, which typically means extending to front-line management, and to aggregate this information into an objective, accurate, and holistic picture applicable to each stakeholder, including the board. However, without ERM software, risk management programs cannot reach this level.
With the high cost of traditional licensing for ERM/GRC software, combined with the skepticism among senior management on what
Risk taxonomy is the framework for naming, organizing, and managing the relationships within your risk information. Your ERM program and any Enterprise Risk Management (ERM) software you use depend upon it.
Most organizations have an organizational chart of how their people are connected. To be effective in risk management, organizations must also have an organizational chart of how their business processes are connected to create accountability and focus on business value.
The first step is t
Puneet Kapoor answered a series of questions written by marcus evans before the forthcoming 5th Annual Enterprise Risk Management Conference, March 19-21, 2012 in Chicago, IL. All responses represent the view of Mr. Kapoor and not necessarily those of Walgreens.
What value does the risk management process add to Management’s decision making process?
PK: Decision making is an exercise of making choices. When evaluating choices to make the most appropriate decision, one has to weigh the risks and re
The use of the term “reputation risk” fits the pattern of hyped buzzwords, but the significant volume of money now spent managing corporate reputation risks proves it is more than hype. Reputation dynamics are forcing pivotal business decisions. Penn State increased its acceptance rate to offset a decline in out-of-state applications and an expected drop in the matriculation rate. Deutsche Bank’s CEO Josef Ackerman refused 3-year loans from the European Central Bank concerned it would damage the
We have confirmed the conference to take place at The Sutton Place Hotel in Chicago, IL from March 19-21, 2012: http://www.chicago.suttonplace.com/default.htm
Spaces are limited for both the event and hotel, so please make sure to book your room ASAP. Cut-off date to book at the discounted rate is February 27th!
Join current attendees from:
Cliffs Natural Resources
ONEOK
BNSF Railways
ASSA Compania de Seguros
Cemex Central
Apollo Group
Indiana Public Retirement System
HCA
Endbrige Gas Distributi
How do you manage the uncertainty of what has not happened yet?
That’s where enterprise risk management software (ERM software), also known as operational risk management software, comes in. It tracks the emerging risks and changes to existing risks across the enterprise and connects these changes to the activities and business metrics that run the business. A change in risk at the business process level demands a change in the operating procedures to prevent this risk from materializing or seize
In this challenging environment, board members and management executives are striving to maintain their tight grip on costs while maintaining a proper focus on enterprise-wide risk.
Jack S. Dybalski is Vice President and Chief Risk Officer at Xcel Energy. He will be a key speaker at the marcus evans 5th Annual Enterprise Risk Management Conference taking place from March 19-21, 2012 in Chicago, IL.
Jack Dybalski is the Vice President and Chief Risk Officer of Xcel Energy based in Denver, Colora
With only 4 weeks left until the Life Sciences Internal Audit Conference, February 8-9, 2012 in Philadelphia, PA, don’t miss out on your opportunity to attend the event!
Join key speakers, including:
Andy Weintraub, Director, Group Internal Audit at AstraZeneca
David Bolton, Internal Audit Manager at Biomet, Inc.
Tami McLaine, Director, Audit at Baxter International
Katie McCormick, Senior Manager, Corporate Analysis & Control at Boston Scientific Corporation
Jeffrey Antoon, Director, Corporate
We are often asked for insight on business measures or KPIs for ERM programs to track overall progress and effectiveness.
The key question for risk managers is: how do I measure the value ERM is delivering to my organization?
The following are examples of measures that will quantify and measure the value your ERM program is providing:
1. Number of systemic risks identified
The number of business measures within organizations is typically growing. Measures are often added on a reaction basis to loss events that have already occurred. Wouldn't it be valuable to be able to focus on forward looking measures? In most organizations, these preventative, proactive measures are indistinguishable when grouped with reactive measures, because the metrics do not formally tie back to any commitments or risks.
What if a risk or activity changes? Organizations have no way of knowi
CIS-Partners, a consulting firm specializing in compliance strategies for the pharmaceutical industry, wrote an article entitled, “Don’t Get Burned”. The main focus of this article is to discuss how organizations are shifting to third-party vendors and in turn, how internal auditors need to respond to the risks associated with this process.
View article here: http://www.cis-partners.com/downloads/RiskWatch_June2011_Don'tGetBurned.pdf
CIS-Partners is a sponsor of the upcoming marcus evans Life Sc