RAW2021 agenda is now online, register before the early bird ends

RISK AWARENESS WEEK is the biggest online platform to learn about risk management and decision making. Amazing lineup of international speakers share practical case studies on integrating risk management into climate and environmental decision making, planning, project management and risk-adjusted performance management. No RM1 workshops, no sales pitches from brokers or insurance companies, just practical… Continue reading RAW2021 agenda is now online, register before the early bird ends

Call for speakers. Share your risk management or decision making case studies with the world

Deadline for submission – 31 July 2021  We invite industry leaders and practicing risk management and decision support professionals to present their case studies at the RISK AWARENESS WEEK 2021 scheduled from 11-15 October 2021. RISK AWARENESS WEEK is an annual event that aims to promote risk management practices, risk psychology, decision science and quantitative… Continue reading Call for speakers. Share your risk management or decision making case studies with the world

What is a risk? It’s not what you think it is

If there is one thing I learned as a CRO, it is crucial to understand the nature of each and every risk we have to work with. I will no doubt write a separate article about the mistake of aggregating various risks into a risk register or attempting to use the same methodology to quantify… Continue reading What is a risk? It’s not what you think it is

Compliance Risk Management – Risk mitigation and reporting

Risk mitigation and trade-off The treatment of compliance risks refers to the corresponding strategies implemented by an organization to deal with its risks. A risk treatment plan should consider a range of treatment options, which may include legal remedies as well as financial, operational and reputational remedies for each prioritized risk. The following factors should… Continue reading Compliance Risk Management – Risk mitigation and reporting

Compliance Risk Management – Risk analysis (part 5)

Step 5. Measure the effect of risks on decisions In order to account for the uncertainty both in the consequences of each scenario and its weight, consequence distributions are multiplied by weight distributions using the Monte-Carlo simulation method. Normally 10000 simulation runs should be sufficient for most compliance risks, however more simulation runs may be… Continue reading Compliance Risk Management – Risk analysis (part 5)

Mark Powell – The lost art of building risk matrices and why they should be avoided

Risk matrices have been around for decades, but most people don’t build their own anymore. In fact, Mark Powell told an audience at Risk Awareness Week 2020 that he hadn’t met anybody in 25 years who had built a risk matrix from scratch, with many outsourcing the job to consultants instead. So why does this… Continue reading Mark Powell – The lost art of building risk matrices and why they should be avoided

Compliance Risk Management – Risk analysis (part 4)

Step 4. Allocate weights to each scenario In order to determine the weight allocated to each consequence scenario of events triggered by compliance risk, historical data, modelling, as well as expert opinions, can all be used, individually or in combination. Weight of each scenario can involve the following factors: the range of laws, along with… Continue reading Compliance Risk Management – Risk analysis (part 4)

Compliance Risk Management – Risk analysis (part 3)

Step 3. Determine the range of consequences for each scenario In order to quantitatively assess compliance risks the next step involves defining the possible range of values for each consequence scenario. Typical consequences can involve the following factors: Consequence scenario Range of consequences A.     Small fine for violation, for example a fine for three days… Continue reading Compliance Risk Management – Risk analysis (part 3)

Compliance Risk Management – Risk analysis (part 2)

Step 2. Identify causes and consequence scenarios Causes and consequences for the bow-tie diagram are normally derived from the regulations as well as through consultation with risk owners and subject matter experts. Common consequence scenarios for compliance risks (just a quick example, there is more) include: Risk area Examples of consequence scenarios Licensed activities and… Continue reading Compliance Risk Management – Risk analysis (part 2)

Compliance Risk Management – Risk analysis (part 1)

Wherever possible companies should apply quantitative risk analysis to measure and prioritize compliance risks. Wait what? We can do better than a compliance heatmap? Apparently :)) The following information should be collected and recorded for each identified risk: Possible consequence scenarios as described in the legislation or other regulatory requirements (usually includes fines, 3rd party… Continue reading Compliance Risk Management – Risk analysis (part 1)