Alex Sidorenko from RISK-ACADEMY talks about three things to review when auditing risk management effectiveness in non-financial companies:
DOWNLOAD THE FREE RISK MANAGEMENT BOOK: https://www.risk-academy.ru/en/download/risk-management-book/
Watch more free risk management videos on RISK-ACADEMY youtube channel https://www.youtube.com/user/alexausrisk
– – – – – – – – – – – – – – – – – – – – –
RISK-ACADEMY offers decision making and risk management training and consulting services. Our corporate risk management training programs are specifically designed to promote risk-based decision making and integrating risk management into business processes. Risk managers all over the world call us in to help sell idea of integrating risk analysis into decision making and using quantitative risk analysis techniques. Check out most popular course for decision makers https://riskacademy.blog/product/risk-based-decision-making-executives/ or our dedicated programs to help risk managers learn the foundations of quant risk analysis https://riskacademy.blog/product/risk-managers-training/. We can also help audit risk management effectiveness or develop a roadmap for risk management integration into decision making https://riskacademy.blog/product/g31000-risk-management-maturity-assessment/
3 thoughts on “3 things to look for when auditing risk management”
I agree with this … except, that if you audit (and you can) and find that risk management on #2 and #3 are well done, you are highly likely to perform well on #1 as well. The add-on value you have in #1 is the effect of an Enterprise Risk Management which is focused on identifying and effectively addressing new risks imposed from outside the company – assuming everything that happens within the company is covered by your risk managed decision making.
In short …
Decision focused risk management ensures decisions are optimized and well executed
Enterprise Risk Management drives decisions to be made based on [external] events or developments
Seems a bit over complicating. Decision focused risk management covers anything and everything to do with decisions, hence with doing business. We could stop there, but we have auditors and regulators who think they know better. So ERM must be satisfying whatever next bs they come up with.