Boards are often satisfied with a list of the so-called top risks facing their organization, especially if they are informed that the list has been developed using the COSO ERM Framework or the ISO 31000 risk management standard.
Boards know that investors and regulators want to know that the major risks, those in the list, are disclosed in regulatory and other filings and are either being managed or mitigated.
But it is that a sufficient role for the board?
In this session, we will review the board’s primary role in ensuring that the management is effectively leading the organization. Norman will talk about how reviewing a list of what could go wrong is not the way to obtain assurance that the organization will be successful. He will talk about the value that an effective risk management program can and should deliver: enabling informed and intelligent strategic and tactical decisions. Then he will share his views on what the board should do when it comes to its oversight responsibilities.