It’s puzzling, isn’t it? Risk management, a field that has been formalized and standardized in non-financial companies since the 1990s and accepted widely by 2009 with the publication of ISO31000, somehow doesn’t seem to make the seismic shifts we anticipated. As I leaf through articles in Forbes, I find more “risk management has failed again”… Continue reading Why are risk managers so bad at root cause analysis?