Enterprise Compliance Today

Why most ERM systems don't work

Posted by Greg Carroll on Mon, Dec 04, 2017 @ 07:59 PM

So why don’t most Enterprise Risk Management system work?  Simply, they don’t “manage” risk, they just record it.  Manage is a verb not a noun. It is activity not an item.  Making a list might be adequate for those who want to check off regulatory compliance, but it’s does not produce a ROI.

Read More

Tags: corporate governance, risk management, risk aggregation

Free Excerpt: Mastering 21st Century Enterprise Risk Management

Posted by Greg Carroll on Wed, Mar 12, 2014 @ 08:48 AM

My book providing the best of parts of my 2013 webinar series... plus an addendum with nuts-and-bolts guidance is now available thru Amazon.com.

Read More

Tags: Best practices, risk management, risk aggregation, Company News

Why Aggregate Risk in an Enterprise Risk Management (ERM) System?

Posted by Greg Carroll on Fri, Nov 22, 2013 @ 10:40 PM

There appears to be a growing view that Risk does not need to be aggregated to have an effective ERM. I believe this is due to a combination of the rush of inadequate software products on the market and the infiltration of Q.A. mentality into ERM. 

Read More

Tags: corporate governance, risk management, risk aggregation

How to aggregate risk in an Enterprise Risk Management (ERM) system

Posted by Greg Carroll on Sat, Nov 09, 2013 @ 09:18 AM

Without aggregation, ERM loses any meaning and purpose. (see Why Aggregate Risk in ERM) So if accepting the need to aggregate risk, both from business units to group and between diverse natures of risk, how do you aggregate risks?

Read More

Tags: corporate governance, risk management, risk aggregation