Enterprise Compliance Today

The "Risk Culture" Myth 2: Roadmap to a Practical Risk Culture

Posted by Greg Carroll on Fri, May 09, 2014 @ 09:55 AM

The Risk Culture Myth isn't anti risk culture but that it's been hijacked to a belief system. In this 2nd article on the Risk Culture Myth I attempt to re-position Risk Culture back to it its original practical intent.

Read More

Tags: Best practices, risk management, risk culture

The “Risk Culture” Myth

Posted by Greg Carroll on Thu, Apr 24, 2014 @ 11:31 PM

Risk Culture is the greatest myth perpetrated on business since the Y2K bug. Just like Y2K, an industry has now grown up around it assisting companies to improve their “risk culture”. The problem with “risk culture” is that it has been hijacked from its original practical intent to now being an impossible (and unrequired) philosophical pursuit.

Read More

Tags: Best practices, risk management, risk culture

Project Risk: The 5 most common mistakes implementing software

Posted by Greg Carroll on Fri, Apr 04, 2014 @ 06:00 PM

Whilst the IT Industry has to bear the brunt of the responsibility, it is your business and your job that wears the consequences, and therefore it is in your best interest to intercede in the process to ensure your best possible outcome.

Read More

Tags: risk management, Management & Reporting, project management

Governance: How Company Directors should manage THEIR Risk Exposure

Posted by Greg Carroll on Sun, Mar 23, 2014 @ 09:30 AM

Board members need to consider their Risk exposure when considering needs of their organisation's corporate governance.  This weeks contribution is by Dr Lee Finniear. Lee is a Fellow of the Australian Institute of Company Directors.

Read More

Tags: corporate governance, due diligence, risk identification

Free Excerpt: Mastering 21st Century Enterprise Risk Management

Posted by Greg Carroll on Wed, Mar 12, 2014 @ 08:48 AM

My book providing the best of parts of my 2013 webinar series... plus an addendum with nuts-and-bolts guidance is now available thru Amazon.com.

Read More

Tags: Best practices, risk management, risk aggregation, Company News

Pro-Active vs Re-Active Risk Management

Posted by Greg Carroll on Wed, Feb 26, 2014 @ 10:25 AM

ISO31000 needs to address the understanding of the fundamental nature of risk if it hopes to advance the maturity of risk practices in business

Read More

Tags: risk management, project management, risk identification, shareholder value

Where to start your Enterprise Risk Management (ERM) system

Posted by Greg Carroll on Fri, Feb 14, 2014 @ 10:02 PM

Contract Management has all the same components.  Financial, Operational and strategic risks, surveillance and KPIs, opportunity and threat management, and most importantly, easily understandable methods of aggregation. 

Read More

Tags: Best practices, corporate governance, risk management, contract management

Why Aggregate Risk in an Enterprise Risk Management (ERM) System?

Posted by Greg Carroll on Fri, Nov 22, 2013 @ 10:40 PM

There appears to be a growing view that Risk does not need to be aggregated to have an effective ERM. I believe this is due to a combination of the rush of inadequate software products on the market and the infiltration of Q.A. mentality into ERM. 

Read More

Tags: corporate governance, risk management, risk aggregation

Interview with Certified Enterprise Risk Manager® (CERM) Academy

Posted by Greg Carroll on Mon, Nov 11, 2013 @ 10:11 AM

This week I thought I'd re-print an extract from an interview  with Greg Carroll by Greg Hutchins from US based Certified Enterprise Risk Manager® (CERM) Academy, on my upcoming book "Mastering 21st Century Enterprise Risk Management".

Read More

Tags: risk management, Quality Management

How to aggregate risk in an Enterprise Risk Management (ERM) system

Posted by Greg Carroll on Sat, Nov 09, 2013 @ 09:18 AM

Without aggregation, ERM loses any meaning and purpose. (see Why Aggregate Risk in ERM) So if accepting the need to aggregate risk, both from business units to group and between diverse natures of risk, how do you aggregate risks?

Read More

Tags: corporate governance, risk management, risk aggregation