Enterprise Compliance Today

Using IoT Intelligent Things to monitor risk in real-time

Posted by Greg Carroll on Tue, Mar 20, 2018 @ 09:29 AM

Although in ISO 31000 monitoring risk is another of its key tenets, I again see little monitoring in most risk management systems. Periodic review, dashboards, heat maps, and KRI reports are all Review (a different ISO 31000 tenet) not monitoring. IoT technology can deliver real-time monitoring of risk for more than just physical environmental metrics.

Read More

Tags: corporate governance, risk management, decision making, predictive analytics

Using Predictive Analytics for Risk Management

Posted by Greg Carroll on Tue, Mar 13, 2018 @ 08:15 AM

The failed Risk Management practice of the ubiquitous risk matrix will finally be laid to rest in the 2020s. Vague subjective estimation of likelihoods and consequences will be replaced with Predictive Analytics objective predictions, based historical patterns and current trends, leading to informed risk based decision making.

Read More

Tags: corporate governance, risk management, decision making, predictive analytics

5 Primary Reasons for the failure of Predictive Analytics in ERM

Posted by Greg Carroll on Tue, Mar 06, 2018 @ 08:52 PM

Regardless of the hype surrounding Predictive Analytics, and even the fact there are some excellent and relatively inexpensive tools available, not only has its implementation been weak, but a 2017 Gartner survey found in many areas investment is going backwards.

Read More

Tags: corporate governance, risk management, decision making, predictive analytics

Using Neural Networks for Risk Identification

Posted by Greg Carroll on Tue, Feb 20, 2018 @ 08:55 AM

Although risk identification is a fundamental tenet of ISO 31000, from the GFC to Brexit traditional methods have spectacularly failed.  Neural Network mapping is the first real technique to actually identify risk drivers and their outcomes.

Read More

Tags: corporate governance, risk management, risk identification, decision making, risk analytics, neural network

Using Big Data to identify threats, trends and evolving risks

Posted by Greg Carroll on Tue, Feb 20, 2018 @ 08:55 AM

Probably one of the most recognized but least understood disruptive technologies for Risk Management in the 2020’s is Big Data.

Read More

Tags: corporate governance, risk management, decision making, scenario analysis, risk analytics

Using Scenario Analysis for Risk based Decision Making

Posted by Greg Carroll on Mon, Feb 12, 2018 @ 10:20 AM

ISO31000:2018 stresses the need for risk management to be integrated into operational functionality and decision making, but little has be written on how to actually achieve this.  Scenario Analysis is not a modern technology but how you can provide operational management with risk based decision marking collateral.

Read More

Tags: corporate governance, risk management, decision making, scenario analysis

The Future of Enterprise Risk Management in the 2020s

Posted by Greg Carroll on Thu, Feb 01, 2018 @ 04:57 PM

The 2009 release of ISO 31000 was the first step across the threshold into 21st century risk management. Unfortunately the industry that has developed around it has firmly grabbed the doorway and won’t let go.  Although the latest revisions make references to decision making and integration into functional purpose, it totally misses the point of risk management, which is to assist navigating a complex world.

Read More

Tags: corporate governance, risk management, Innovation, decision making

Risk 2018 and the missed opportunities of 2017

Posted by Greg Carroll on Wed, Jan 17, 2018 @ 08:35 PM

In my 2013 book "Mastering 21st Century Enterprise Risk Management" I quipped “just as the Wild West of the 1890's had disappeared without trace by the Roaring 1920s, so too will the business world of the 1990s, be long forgotten by the 2020s”.  Just 5 years on and not only has the world changed emphatically but the rate of change is accelerating.

Read More

Tags: corporate governance, risk management, Innovation, decision making

Why most ERM systems don't work

Posted by Greg Carroll on Mon, Dec 04, 2017 @ 07:59 PM

So why don’t most Enterprise Risk Management system work?  Simply, they don’t “manage” risk, they just record it.  Manage is a verb not a noun. It is activity not an item.  Making a list might be adequate for those who want to check off regulatory compliance, but it’s does not produce a ROI.

Read More

Tags: corporate governance, risk management, risk aggregation

Understanding the Governance part of GRC Systems

Posted by Greg Carroll on Sat, Apr 29, 2017 @ 03:51 PM

Unfortunately, there seems to be a lack of understanding of what GRC really is.  Contrary to popular belief GRC is NOT ERM, but 3 separate disciplines Governance, Risk and Compliance. Here I look at the neglected Governance component.

Read More

Tags: corporate governance, Compliance Management, risk management, Strategic Management, grc systems