Risk

I’ve had a lot of conversations about risk assessments recently and just finished a new feature in the Decis platform, both of which prompted this thought: What if we have things backwards? What if our risk assessment updated us instead of the other way around? We spend days — sometimes weeks — building a comprehensive risk assessment to understand our risks and build mitigation measures. But these are snapshots in time and can quickly become overtaken by events. That’s when we move from risk management to incident management or at minimum, we have to review our mitigation. ...

I’m sure you’ve heard people referring to COVID-19 as a ‘Black Swan’ – something that no-one could have seen coming – but is that actually the case? Terrible though it is, I don’t think it’s accurate to describe the current situation as a Black Swan because we’ve had to deal with highly contagious, deadly diseases before. Calling this a ‘Black Swan’ is, therefore, a way to excuse a confused response: ‘how could we have prepared for something that no-one could see coming?’ ...

One of the things I’ve enjoyed most as a consultant is having the opportunity to learn about organizations from a wide variety of sectors. These have ranged from schools, NGOs and the private offices of high net-worth individuals to Fortune Five oil and gas companies and governments. On the one hand, I’ve discovered that there are considerable similarities in all organizations, no matter their sector or size. However, I’ve also become acutely aware that the things that make the most significant difference – good or bad – are often very subtle. ...

Two major events are going to happen in US within the five years. One is a replay of the US subprime mortgage collapse which spawned the 2008 financial crisis. The other will occur when the bubble of college debt bursts. Both events – one of which may well trigger the other – will cause massive strain on US banks with potential global repercussions. This isn’t a bold claim. There are lots of people, all of whom much more familiar with this kind of risk than I am, sounding similar alarm bells. For example, the day after I started writing this, the Financial Times’ editorial was on a similar topic. And there may be other significant events that occur in addition to these but making forecasts about what’s going to happen isn’t the point of this article. ...

“The first rule of snakes [problems] is, if you see a snake, you kill it….Just take care of it” Jim Barksdale, former CEO Netscape It’s rare for an event to be truly unexpected. We know that our personal habits affect our health. We know that incorrect use of tools and machinery can cause injury. We know that small-scale corner-cutting leads to more serious infringements. We know that running complex systems – like drilling rigs or nuclear power stations – beyond established safe parameters can be catastrophic. ...

(This post was updated on Nov 7, 2018 to reflect the discontinuation of the free SOLO plan.) Launch day! For about 15 months now, I have been working on a project to build a better piece of risk management software. This is something I have been thinking about since 2002 and I think now, more than ever, we need – and deserve – a better piece of software for risk management. Why? ...

Yawn! Aside from GDPR-inspired emails with news of updated terms and conditions , this will be the most boring thing you will read all week…. *However, it might be one of the more important if you are a risk manager because one of the core risk management references has just been updated and there are a few changes to be aware of. * I had to review these documents to ensure that my material was up to date so I thought I should keep some notes as I want to save you from having to go through the same ‘compare and contrast’ exercise. Plus, I love standards. : ) ...

Risks don’t just arise from operational incidents. Often the conduct of the organization and its senior leaders result in a type of risk that is very different but just as threatening as a large, physical event. In this conversation with Nick Smart we explore the intersection of risk, ethics and governance. Nick is an independent strategic risk advisor and was the chief ethics and compliance officer (CECO) for a global energy services company, before which he designed and built the security risk management function for the same company in his capacity as chief security officer (CSO). ...

I’m trying to improve my videos so apologize for the quality but here’s a quick video with 10 quick thoughts on risk management. [Video: https://video.wordpress.com/embed/zX8wUAWO?hd=0&autoPlay=0&permalink=1&loop=0&preloadContent=metadata&muted=0&playsinline=0&controls=1&cover=1] Let me know what you think!