Alex Sidorenko from RISK-ACADEMY talks about what risk reports are useful and how to integrate risk reporting into regular management reporting
Download free risk management book at https://www.researchgate.net/publication/323254437_GUIDE_TO_EFFECTIVE_RISK_MANAGEMENT_30
This is always my take on risk reporting, it should be owned by respective operational and business heads, integrated into day to day decision making processes and embraced as part of the organisation’s risk culture by the employees(risk reporting should be interesting and not boring). With this effective risk management will be integrated into the KPIs of the responsible officers. Risk function or department would just facilitate risk management in the organisation while Internal Audit will only provide risk assurance as part of the regulatory mandate to the board.
Exactly, if all kpis are risk based don’t even need kris or separate risk reports