RISK-ACADEMY regularly runs free webinars on various risk management and decision quality topics. Browse the list below to see if any of our existing webinars would be interesting to you or your friends. Please feel free to share this page on social media.
4 future trends in risk management
Join us to talk about 4 amazing trends in risk management that may change everything you ever knew about risk management. It is a great pleasure for us to introduce Alex Sidorenko, who will share his experience as a past CRO of a large investment fund.
Here is a sneak preview of the things we will talk about during the free webinar:
- The transition from risk management as a stand-alone activity to a quantitative tool built into the key decisions and processes of an organization
- Risk management is against human nature. Building risk culture to counteract
- The role of a risk manager in a company must change. The concept of three lines of defense is flawed
- To execute its new role the risk management team must possess four key competencies
Integrating risk into strategic planning
Over the years, risk managers have tried various ways to get the business units to participate in the risk management process. Some simplified the risk identification and assessment methodologies, others complicated them. The result in both cases was the same – disappointment. Best case scenario – annual or quarterly risk assessments were perceived as a necessary evil with most employees ignoring them and few actively resisting.
Did it ever strike you as odd, that risk management is supposed to be a support function, yet business units are constantly required to provide the information to the risk managers and not the other way around? It almost feels like the business is there to support risk managers in doing their job.
Maybe, just maybe, it is time for the risk managers to stop living in a universe, where the business is regularly required to provide information, participate in risk assessments and to contribute to lengthy discussions about risk mitigation. After all, this does not make business sense. Why would business units take the time away from making money to supply risk managers with all this information? The only logical answer is because they must, it’s a compliance issue. And this is where it gets interesting, risk managers have for years been telling us that it’s not about compliance, it’s about generating business value. Something doesn’t add up. If an activity takes time and resources and doesn’t have an immediate impact on business decisions or business processes, something is clearly wrong.
Join me for a free webinar where I will talk about an alternative approach. Something that will help integrate risk management into everything the business does, not weekly, monthly, quarterly, but every day. I believe risk analysis doesn’t need to happen before, during or after the strategic planning takes places, I believe it has to change the very nature of existing business processes. And that is why is so, so, so difficult, because management will actively resist any changes to their business processes.
Integrating risk into decision making
Here is a quick test: Which typical risk management element/tool has the least amount of value?
- Risk management framework
- Quarterly risk assessment workshops
- Risk reports
- Risk registers
- Heat maps?
In my mind, they are equally useless and maybe even detrimental to the effective management of risks or risk-based decision making. Unfortunately, you cannot agree with the first statement about integration and culture while continuing to use these outdated tools. There is a much better alternative for every single point in the list above. Join me for the latest installment in RISK-ACADEMY free webinars.
How to audit risk management?
Most risk managers think they are doing a great job. But how can you actually tell? To add to the challenge, despite the guidance provided in ISO 31000:2009, the concept of risk management effectiveness still remains a bit vague.
Who can audit or validate your risk management effort to say whether it’s good or not? I mean there are internal and external auditors, but they often look at all the wrong things and ask useless questions about risk appetite, policies, frameworks, risk owners, mitigation plans and risk profiles. All of this has nothing to do with the true effective risk management.
Join me for another RISK-ACADEMY free webinar to talk about four risk management effectiveness criteria, based on the ISO31000:2009 of course, because I am a fan To learn how to audit/validate risk management effectiveness in non-financial companies in 4 simple steps register today. I will also talk about the upcoming G31000 risk management maturity model, an amazing tool to audit/validate risk management in any company.
COSO ERM 2017 vs ISO31000:2018
Can one of the documents be more useful than the other? And if yes, useful for whom, risk practitioners, regulators, auditors or consultants? Or have both documents failed to account for the actual growth in the risk management maturity and will be looked at with disappointment by risk professionals? Should you, as a risk practitioner, even bother to read both documents? And what should you tell an external auditor next time he recommends adopting one of the documents?
I will try and answer all these questions in the upcoming free webinar:
What other topics would you like me to cover in future webinars?