RAW#1 Welcome to the dark side of risk management

My name is Alex Sidorenko, head of operational, investment risk and insurance at a group of companies with combined revenue $15B. In 2021 our company got an honorable mention at RIMS and I was named risk manager of the year by FERMA. I am a big fan of transparency and knowledge sharing, so I created this monthly newsletter to share some of the wins and tricks of the trade and hopefully make someone’s risk management journey more rewarding.

No alt text provided for this image

Despite ‘risk management’ being a much-heard expression these days, there is no agreement to the problem it is (ostensibly) solving. Even among those who advocate its adoption and practice (often to earn their living) it has no settled meaning, nor even clarity of purpose. Its clumsy and ever-changing constructs and confected jargon complicates rather than improves decision making and, therefore, organisational performance.

Just ask yourself: If risk management is the answer, what was the question? Find out more at https://sufficientcertainty.com/

No alt text provided for this image

Despite the fact that risk management is a decision making tool, you should probably get Risk Management 1 sorted first, to keep the auditors, rating agencies and regulators at bay. It’s RM1, so keep it as simple and as quick as possible, this is less than 10% of the overall effort. Auditors love asking for policies and procedures, so give them what they want and make it pretty.

A1. Develop a short risk management policy structured around ISO31000 principles – this one is very easy, just follow the steps below:

A2. Develop a very basic risk management framework document, aligned with ISO31000 – same as above, use the ISO31000:2018 to develop a framework document. Stick to the text of the standard as close as possible, don’t reinvent the wheel. Borrow some good sentences from COSO: ERM 2017 as well, just for fun. Claim that the document is aligned with both. Auditors love that.

A3. Identify and fulfil any other regulatory or shareholder requirement regarding risk management – this is also an important step, as many industries have additional risk management requirements, make sure you crossed them all when drafting policy and framework documents.

No alt text provided for this image

Finally! An alternative to risk matrices. Ok, this is obviously a joke, because the alternatives (multiple) have been available to anyone willing to learn for over 50 years. To me, using risk matrices is a question of ethics and professional skills and is totally up to the individual risk manager. The flaws are fundamental to risk matrices design and there nothing a risk manager / business analyst can do to make them reliable. Want to know the alternatives, read the full article https://riskacademy.blog/finally-an-alternative-to-risk-matrices/

No alt text provided for this image

Fooled by Randomness: The Hidden Role of Chance in Life and in the Markets was the book that changed my life when it was first published and set me on the quest for better risk based decision making and RM2. Before getting into the science of risk management, it is important to understand the philosophy of risk taking and uncertainty.

No alt text provided for this image

RAW2022 is scheduled for October. Now is your chance to nominate speakers or topics. Simply comment below. Also, if you are aware of any RM2 events coming up do let me know and I will include in the next newsletter.

No alt text provided for this image
No alt text provided for this image
No alt text provided for this image

3000+ risk practitioners have completed our online risk management and decision making courses, check them out https://www.udemy.com/user/alexsidorenko/

RISK-ACADEMY offers online courses

sample85
+ Buy now

Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!

19,999,99
sample85
+ Buy now

ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog http://www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.

199,999,99
sample85
+ Buy now

Управление рисками

В этом коротком и очень увлекательном курсе, Алексей Сидоренко расскажет о причинах внедрения риск менеджмента, об особенностях принятия управленческих решений в ситуации неопределенности и изменениях в новом стандарте ИСО 31000:2018.

19,999,99

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.