Greg Hutchins - Thought Leader

Guest Post by Greg Caroll (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The 2009 release of ISO 31000 was the first step across the threshold into 21^st century risk management. Unfortunately the industry that has developed around it has firmly grabbed the doorway and won’t let go.  Although the latest revisions make references to decision making and integration into functional purpose, it totally misses the point of risk management, which is to assist navigating a complex world. [Read more…]

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Firstly, what is ‘good communication’?  Many people have views, but my definition is “the effective and efficient transfer and receipt of information by the right people, at the right time, in the right medium, at the right place and in the right amount”. [Read more…]

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

We all use our work experience to a greater or lesser extent and often the most recent project is recalled as it is at the forefront of our minds.  However, is it the most relevant if we try to adapt our most recent, and hopefully successful, experience to meet the current situation? [Read more…]

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Houston Texas is one of the few local governments in the United States with an Enterprise Risk Management (ERM) based risk assessment approach. This policy was reviewed and updated in 2016.  This was the latest step in the city’s use of risk assessment.

From 1996 to 2004, the city outsourced risk assessment.  The assessment was performed every five years.  Beginning in 2009, the city’s audit department took over the assessment.  This article discusses the risk assessment process used by the City of Houston.

[Read more…]

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

You’ve started a new project; or joined one that’s up and running or it’s nearing closure – and it’s going well.  With no problems to speak of, it’s business as usual; so stick to the plan and it will be all right in the end ‘cos nothing can go wrong.

Or perhaps there are problems; but all projects have problems!  It’s not your problem as the bid team, planning team, or those awkward stakeholders and ever present over demanding clients can be blamed.

The project will eventually get finished if it’s on, or off, the rails.  The project is ‘just a job’ and management just carry on clocking-in and clocking-out regardless of the situation. [Read more…]

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The 2012 Moving Ahead for Progress in the 21^st Century Transportation Act (MAP 21) requires state departments of transportation to develop a Transportation Asset Management Plan (TAMP). The TAMP is to include a Risk Based Asset Management Plan (RBAMP). The two plans must be certified by the Federal Highway Administration (FHWA) by June 30, 2019.  Certification failure will result in National Highway Performance Program funds being reduced by thirty-five percent.  As a carrot, federal funds can be used to cover the cost of developing these plans. This article discusses the FHWA’s approach to risk management.  It also shows that the FHWA approach will filter down to local governments. [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

“To do something very dangerous takes a certain lack of imagination”
 – Anonymous

Introduction

Governments and companies worldwide are emerging from the current financial crisis and subsequent recession.  While governments are crafting new regulations, businesses around the world are walking in shifting sand as risk exposures are high and new regulations will create compliance challenges.  According to a recent survey by Korn/Ferry International, corporate leaders are focusing more attention on risk management after what is considered by many to be excessive risk-taking during the boom times that factored into the global financial crisis. [Read more…]

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

In the workplace we have identified and attempted to eradicate racial and gender discrimination, sexual harassment and bullying.  We now battle age discrimination in our aging society in a (supposedly) increasingly politically correct world.  However, our intellects are also being abused as individuals find increasing ways to breach of the bounds of reasonable behavior and put our sanity and dignity at risk. [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Introduction

In the risk-neutral world, all business and government continuity planning would be risk-balanced. However, in reality, risks, threats, hazards and their consequences change depending on an organizations exposure, sensitivities to impact and other factors.  For instance, a natural disaster, can occur without much warning and can have direct and indirect impact on an organization.  Complicating the Business Continuity Planners life is a simple fact, events have unforeseen consequences that can rarely be planned for. [Read more…]

What do you think is the #1 business risk in 2018 according to the World Economic Forum?

• Weapons of mass destruction?   It’s #29.
• Natural catastrophes?    It’s # 19.
• Cyber attacks?   It’s #8.  We’re getting closer.

Guess again? [Read more…]

There is a huge fear around the globe that:

The Machines Are Coming!

How much is this reality, fear, or over hype?

Upcoming Machine and robot wars are posed this way.

The machines are fully functional robots that can out-think and out-do all humans.  Where has this fantasy been created?  TV.  Movies.  Books.  And frankly most media make a robot a villain who kills and takes over humanity.

Now, they are seen as job killers and we all need to be afraid.

So, what’s going on?  This is:  Part myth.  Part reality. [Read more…]

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The Low Bid: Who’s Risk?

We live in a competitive environment and business generates the money that makes the world go round, or at least should do.  Money is the medium of exchange for goods and services and allows society as we know it and the global economy to function.

Those who have money engage those who want money to provide them with products or services and this is done through contracts.  Contracts are awarded at a price that the person who has the money (the Client) is prepared to pay and ‘the winner’ is typically the lowest compliant bid.

If compliance isn’t met then there is suffering somewhere. It can be the Client, the Bidder, the end user or all three and on Government projects it’s the taxpayer who, inevitably, pays. [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Time matters most when decisions are irreversible

Transparent vulnerabilities are so obvious that they are easily overlooked; they are the ones we:

• see when they are pointed out;
• recognize when we are made aware of them;
• fail to acknowledge, leading to potentially significant consequences when the vulnerability is realized.

Risk and time are opposite sides of the same coin; for if there were no tomorrow, there would be no risk. Growing government intervention in the private sector therefore becomes a transparent vulnerability that we have not accounted for in our identification of vulnerabilities. Time transforms risk. The nature of risk is shaped by our time horizon. In order to achieve corporate goals and objectives time horizons are established few take into account government actions. [Read more…]

Guest Post by Greg Caroll (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

So why don’t most Enterprise Risk Management system work?  Simply, they don’t “manage” risk, they just record it.  Manage is a verb not a noun. It is activity not an item.  Making a list might be adequate for those who want to check off regulatory compliance, but it’s does not produce a ROI. [Read more…]