http://www.ebizq.net/blogs/chief_risk_officer/ In this blog, risk expert Steven Minsky highlights the differences between traditional risk management and true enterprise risk management, which is about helping things happen rather than preventing them from happening. Manage Tomorrow's Surprises Today is designed to help you think about risk in new ways and learn how to benefit practically from this rapidly evolving field. en Copyright 2012 Mon, 16 Jan 2012 12:49:40 -0500 http://www.sixapart.com/movabletype/?v=4.37 http://blogs.law.harvard.edu/tech/rss The Costa Concordia, a Carnival Cruise Line owned ship, ran aground resulting in at least 6 deaths. This is a 4,000-passenger, 115,000 -ton cruise mega-ship, with the latest and greatest technology, as it is just 5 years old. As an... http://www.ebizq.net/blogs/chief_risk_officer/2012/01/cruise_ship_accident_due_to_pr.php http://www.ebizq.net/blogs/chief_risk_officer/2012/01/cruise_ship_accident_due_to_pr.php Business resiliency and sustainability Mon, 16 Jan 2012 12:49:40 -0500 stevenminsky I am often asked for insight on business measures or KPIs for ERM programs to track overall progress and effectiveness.  The key question for risk managers is: how do I measure the value ERM is delivering to my organization?  The... http://www.ebizq.net/blogs/chief_risk_officer/2012/01/how_to_measure_your_enterprise.php http://www.ebizq.net/blogs/chief_risk_officer/2012/01/how_to_measure_your_enterprise.php Enterprise Risk Management Wed, 04 Jan 2012 06:30:00 -0500 stevenminsky The number of business measures within organizations is typically growing. Measures are often added on a reaction basis to loss events that have already occurred. Wouldn't it be valuable to be able to focus on forward looking measures? In most... http://www.ebizq.net/blogs/chief_risk_officer/2011/12/the_importance_of_linking_risk.php http://www.ebizq.net/blogs/chief_risk_officer/2011/12/the_importance_of_linking_risk.php Enterprise Risk Management Mon, 05 Dec 2011 07:00:26 -0500 stevenminsky Last week, at RIMS ERM Conference 2011, we announced that LogicManager and RIMS (The Risk and Insurance Management Society) have selected Queens University Management School (QUM) to update the landmark 2008 study that quantified a direct, positive relationship between... http://www.ebizq.net/blogs/chief_risk_officer/2011/11/landmark_risk_management_study.php http://www.ebizq.net/blogs/chief_risk_officer/2011/11/landmark_risk_management_study.php Enterprise Risk Management Mon, 07 Nov 2011 08:00:00 -0500 stevenminsky Two stories in the news recently have caught my eye: one involving a listeria outbreak caused by tainted cantaloupe, and the other involving Citigroup losing $285 million for defrauding investors. In the cantaloupe story, a nationwide listeria outbreak was traced... http://www.ebizq.net/blogs/chief_risk_officer/2011/10/what_cantaloupe_and_citigroup.php http://www.ebizq.net/blogs/chief_risk_officer/2011/10/what_cantaloupe_and_citigroup.php ERM-based approach Wed, 26 Oct 2011 08:00:00 -0500 stevenminsky Normal 0 false false false MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;} Risk managers are charged with ensuring transparency, alignment,... http://www.ebizq.net/blogs/chief_risk_officer/2011/10/5_steps_for_better_risk_assess.php http://www.ebizq.net/blogs/chief_risk_officer/2011/10/5_steps_for_better_risk_assess.php Risk Assessment Fri, 21 Oct 2011 08:00:00 -0500 stevenminsky Normal 0 false false false MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;} Recently, Gartner released its 2011 Magic Quadrant for... http://www.ebizq.net/blogs/chief_risk_officer/2011/08/takeaways_from_egrc_magic_quad.php http://www.ebizq.net/blogs/chief_risk_officer/2011/08/takeaways_from_egrc_magic_quad.php Enterprise Risk Management Mon, 08 Aug 2011 08:00:00 -0500 stevenminsky Recently organizations have been faced with the increasing threat of cyber attacks, whether from external hackers such as lulzsec or from internal attacks such as wikileaks.  Your customers' personally identifiable information, organization's intellectual property, and confidential files are all vulnerable... http://www.ebizq.net/blogs/chief_risk_officer/2011/07/presenting_cyber_risks_to_the.php http://www.ebizq.net/blogs/chief_risk_officer/2011/07/presenting_cyber_risks_to_the.php ERM-based approach Fri, 08 Jul 2011 08:00:00 -0500 stevenminsky Boards are under pressure like never before to assure their organization has an effective risk management program.  The SEC, through the Proxy Disclosure Enhancements amendment,  is holding them personally responsible for risk management. If your board hasn't already come knocking... http://www.ebizq.net/blogs/chief_risk_officer/2011/06/risk_managers_what_should_you.php http://www.ebizq.net/blogs/chief_risk_officer/2011/06/risk_managers_what_should_you.php Mon, 20 Jun 2011 10:32:26 -0500 stevenminsky While spreadsheets are still an excellent tool for data manipulation and one-dimensional analysis, they fall significantly short of delivering the capabilities a risk manager really needs to analyze trends and see the relationships the job entails. The limitations of spreadsheets... http://www.ebizq.net/blogs/chief_risk_officer/2011/05/risk_managers_why_spreadsheets.php http://www.ebizq.net/blogs/chief_risk_officer/2011/05/risk_managers_why_spreadsheets.php Fri, 20 May 2011 10:37:58 -0500 stevenminsky With so many risk management standards and government regulations out there that require risk evaluation, how should internal audit review your company's risk management program?  How would you apply any one of these frameworks to an audit?  How do... http://www.ebizq.net/blogs/chief_risk_officer/2011/04/how_do_you_audit_a_risk_manage.php http://www.ebizq.net/blogs/chief_risk_officer/2011/04/how_do_you_audit_a_risk_manage.php Risk Assessment Fri, 29 Apr 2011 09:23:54 -0500 stevenminsky If you're considering automating your governance, risk, and compliance (GRC) program there are dozens of choices out there and choosing the one that's best for your program can be challenging. While many tools out there can document controls and... http://www.ebizq.net/blogs/chief_risk_officer/2011/04/5_reasons_to_put_erm_tools_on.php http://www.ebizq.net/blogs/chief_risk_officer/2011/04/5_reasons_to_put_erm_tools_on.php Compliance Mon, 25 Apr 2011 09:33:34 -0500 stevenminsky An organization-wide risk appetite can be a powerful statement that gives your risk or compliance program direction.  However, like any policy, risk appetite without accompanying action is nothing more than an idea. So how do you give your risk appetite... http://www.ebizq.net/blogs/chief_risk_officer/2011/04/5_ways_to_put_risk_appetite_in.php http://www.ebizq.net/blogs/chief_risk_officer/2011/04/5_ways_to_put_risk_appetite_in.php Compliance Tue, 12 Apr 2011 08:00:00 -0500 stevenminsky The nuclear crisis still unfolding at Fukushima Daiichi continues to threaten a meltdown as core temperatures and radiation leaks continue to fluctuate.  The disaster is one of the worst nuclear disasters in history.  However the vulnerabilities at the power station... http://www.ebizq.net/blogs/chief_risk_officer/2011/03/japanese_nuclear_crisis_lesson.php http://www.ebizq.net/blogs/chief_risk_officer/2011/03/japanese_nuclear_crisis_lesson.php Enterprise Risk Management Tue, 22 Mar 2011 08:00:00 -0500 stevenminsky No company falls out of compliance over-night.  It's a gradual process resulting from a combination of overlooked issues, that together create a serious problem.  Strangely enough, compliance issues often result from taking an overly compliance-focused approach to risk management; a... http://www.ebizq.net/blogs/chief_risk_officer/2011/03/is_your_grc_program_overly_foc.php http://www.ebizq.net/blogs/chief_risk_officer/2011/03/is_your_grc_program_overly_foc.php Compliance Tue, 15 Mar 2011 10:52:11 -0500 stevenminsky