Board members need to consider their risk exposure when considering the needs of their organisation's corporate governance. This week's contribution is by Dr Lee Finniear. Lee is a Fellow of the Australian Institute of Company Directors.
Enterprise Compliance Today
My book providing the best parts of my 2013 webinar series... plus an addendum with nuts-and-bolts guidance is now available through Amazon.com.
ISO31000 needs to address the understanding of the fundamental nature of risk if it hopes to advance the maturity of risk practices in business.
Contract management has all the same components: financial, operational and strategic risks, surveillance and KPIs, opportunity and threat management, and, most importantly, easily understandable methods of aggregation.
There appears to be a growing view that Risk does not need to be aggregated to have an effective ERM. I believe this is due to a combination of the rush of inadequate software products on the market and the infiltration of Q.A. mentality into ERM.
This week I thought I'd reprint an extract from an interview with Greg Carroll by Greg Hutchins from the US-based Certified Enterprise Risk Manager® (CERM) Academy, on my upcoming book "Mastering 21st Century Enterprise Risk Management".
Without aggregation, ERM loses any meaning and purpose (see Why Aggregate Risk in ERM). So, if we accept the need to aggregate risk, both from business units to group and between diverse natures of risk, how do you aggregate risks?
A customer example
We've posted a new item in the Resource Room. Here's a preview of what's inside.
How the right compliance software is improving Resolute's hazard management, administrative processes, audit-readiness, and more