What is a risk? It’s not what you think it is

If there is one thing I learned as a CRO, it is crucial to understand the nature of each and every risk we have to work with. I will no… Continue reading What is a risk? It’s not what you think it is

Compliance Risk Management – Risk identification

Every organisation is required to comply with laws within the countries it operates in, the legal and regulatory requirements vary between different regions adding to the need to have understanding… Continue reading Compliance Risk Management – Risk identification

The better alternative to “inherent” and “residual” risk concepts

Few things are certain in life: death, taxes and someone in the risk community asking about inherent and residual risks. In fact the question is so frequent that I even… Continue reading The better alternative to “inherent” and “residual” risk concepts

Finally! An alternative to risk matrices

Ok, the title is obviously a joke, because the alternatives (multiple) have been available to anyone willing to learn for over 50 years. But since you clicked, this article will… Continue reading Finally! An alternative to risk matrices

Practical ideas: Develop a high-level Risk Management Policy

It is generally considered a good idea to document an organisation’s attitude and commitment to risk management in a high-level document, such as a Risk Management Policy. The policy may… Continue reading Practical ideas: Develop a high-level Risk Management Policy

4 steps to integrate risk management into strategic planning

Let me first start by saying integrating risk management into strategic planning is NOT doing a strategic risk assessment or even having a risk conversation at the strategy setting meeting,… Continue reading 4 steps to integrate risk management into strategic planning

Embedding risk into strategic planning and more

Great piece on integrating risk into strategy