IIA recently published a Practice Guide on Assessing the Risk Management Process. It sounded interesting so I set aside some time to go through the document. Overall verdict The maturity model proposed by IIA has exactly the same fundamental flaws that all of the other 100+ consulting risk maturity models out there have. Plus, while… Continue reading Is IIA secretly trying to kill risk management? Sometimes I wonder.
Most risk managers think they are doing a great job. But how can you actually tell? To add to the challenge, despite the guidance provided in ISO 31000:2009, the concept of risk management effectiveness still remains a bit vague. Who can audit or validate your risk management effort to say whether it’s good or not?… Continue reading FREE WEBINAR: Is your risk management truly effective? Auditing risk management in 4 simple steps
Lately, everyone, from the government agencies to regulators to corporate board members, seem to be talking about the need for better, more effective risk management. The challenging part is that, despite the guidance provided in ISO 31000:2009, the concept of risk management effectiveness still remains vague. This article attempts to summarize the basic components of… Continue reading Can risk management even be effective?