Главный событием форума стал уникальный мастер-класс Нормана Маркса, евангелиста «эффективного бизнеса» и международного эксперта по управлению рисками, внутреннего аудита, корпоративного управления и повышения производительности. Ключевой темой мастер-класса стал отказ от привычной для России обособленной системы управления корпоративными рисками и переход к риск-ориентированному мышлению и управлению организацией на основании ГОСТ Р ИСО 31000:2010. Норман поделился уникальным опытом практического внедрения управления рисками в ключевые процессы организации и бизнес решения на всех уровнях управления. Российским профессионалам в области управления предстоит еще большой путь, чтобы отказаться от ежеквартальной или полугодовой экспертной оценки рисков в пользу современных инструментов, таких деревья решений, сценарный анализ, скоринговые модели или имитационное моделирование, которые позволяют интегрировать анализ рисков в ежедневные бизнес решения.
Многие идеи, которые озвучивал Норман Маркс, оказались по-настоящему прорывными для собравшихся участников. #wcrm2017 #risk #risk management
Alex Sidorenko talks about the new G31000 risk management maturity modelAlexei Sidorenko, CRMP
G31000 Risk management maturity model is a modern tool designed to help risk practitioners to implement risk management into organizational processes and the overall culture of the organization. This is a tool that will provide great value to internal auditors, risk managers and business functions alike. The risk maturity model is based on ISO31000:2009 principles and is suitable for any type of organization as well as any industry.
G31000 Risk management maturity model
Overview of 80 risk maturity models across industry and sectors, worldwide
Measuring the alignment of risk management and performance
G31000 model : the only model solely based on the ISO 31000 risk management principles
Collective expertise of the G31000 network for corporates, consultants, auditors and risk managers
Alex Sidorenko (www.risk-academy.ru) masterclass at the Risk Zone 2014 in Munich on quantitative risk analysis in project management and cognitive biases
Professor Jean-Paul Louisot, MBA, ARM, FIRM
Docteur ès Sciences de gestion de la Sorbonne
Formerly University Paris 1 Panthéon/Sorbonne–
Managing Partner JPLA_Consultants
ERM – Enterprise-wide Risk Management –
zTHE NEED FOR AN RM EDUCATION FOR ALL
Alex Sidorenko at the 6th G31000 Risk management conference in DubaiAlexei Sidorenko, CRMP
G31000 Risk management maturity model, presentation by Alex Sidorenko
Overview of 80 risk maturity models across industry and sectors, worldwide
Measuring the alignment of risk management and performance
G31000 model : the only model solely based on the ISO 31000 risk management principles
Collective expertise of the G31000 network for corporates, consultants, auditors and risk managers
Julia Graham
Technical Director and Deputy CEO, Airmic
Immediate Past President and Board Member, FERMA
The Fourth Revolution Managing risk in a changing worldAre you a tenant or an owner?
5th April 2016
Moscow
6 Pitfalls when Implementing Enterprise Risk ManagementPECB
This webinar covers seven common pitfalls faced when establishing enterprise risk management. Also, it conveys the commitment necessary for the proper implementation in order to achieve organizational objectives over time.
Main points covered:
Major drawbacks in Enterprise Risk Management
• Weak tone at the top
• Focusing on issues instead of risks
• Not embedding ERM within business
• Not rethinking perspective towards risk
• Unidimensional risk evaluation
• Vague risk responses
Presenter:
Shady Hallab is an Experienced Manager at PricewaterhouseCoopers LLP in Montreal. He focuses mainly on managing and directing enterprise risk management programs and acts as a risk advisor for evaluating and recommending risk solution best practices for a wide range of private, public and government organizations.
Link of the recorded session published on YouTube: https://youtu.be/GRj_GdIqIo4
Alex Sidorenko at IDA International Risk Management Conference 2017 - DenmarkAlexei Sidorenko, CRMP
Alex Sidorenko at IDA International Risk Management Conference 2017 - Denmark. 4 future trends in corporate risk management. Alternative take on ERM implementation
PSD Operational Risk Event - June 2016 PSD Group Ltd
PSD's Banking & Financial Services sector recently hosted a forum to explore risk management in smaller banking firms.
Dr Ariane Chapelle, Director of Chapelle Consulting, was the key note speaker, giving a thought provoking presentation.
Alex Sidorenko talks about the new G31000 risk management maturity modelAlexei Sidorenko, CRMP
G31000 Risk management maturity model is a modern tool designed to help risk practitioners to implement risk management into organizational processes and the overall culture of the organization. This is a tool that will provide great value to internal auditors, risk managers and business functions alike. The risk maturity model is based on ISO31000:2009 principles and is suitable for any type of organization as well as any industry.
G31000 Risk management maturity model
Overview of 80 risk maturity models across industry and sectors, worldwide
Measuring the alignment of risk management and performance
G31000 model : the only model solely based on the ISO 31000 risk management principles
Collective expertise of the G31000 network for corporates, consultants, auditors and risk managers
Alex Sidorenko (www.risk-academy.ru) masterclass at the Risk Zone 2014 in Munich on quantitative risk analysis in project management and cognitive biases
Professor Jean-Paul Louisot, MBA, ARM, FIRM
Docteur ès Sciences de gestion de la Sorbonne
Formerly University Paris 1 Panthéon/Sorbonne–
Managing Partner JPLA_Consultants
ERM – Enterprise-wide Risk Management –
zTHE NEED FOR AN RM EDUCATION FOR ALL
Alex Sidorenko at the 6th G31000 Risk management conference in DubaiAlexei Sidorenko, CRMP
G31000 Risk management maturity model, presentation by Alex Sidorenko
Overview of 80 risk maturity models across industry and sectors, worldwide
Measuring the alignment of risk management and performance
G31000 model : the only model solely based on the ISO 31000 risk management principles
Collective expertise of the G31000 network for corporates, consultants, auditors and risk managers
Julia Graham
Technical Director and Deputy CEO, Airmic
Immediate Past President and Board Member, FERMA
The Fourth Revolution Managing risk in a changing worldAre you a tenant or an owner?
5th April 2016
Moscow
6 Pitfalls when Implementing Enterprise Risk ManagementPECB
This webinar covers seven common pitfalls faced when establishing enterprise risk management. Also, it conveys the commitment necessary for the proper implementation in order to achieve organizational objectives over time.
Main points covered:
Major drawbacks in Enterprise Risk Management
• Weak tone at the top
• Focusing on issues instead of risks
• Not embedding ERM within business
• Not rethinking perspective towards risk
• Unidimensional risk evaluation
• Vague risk responses
Presenter:
Shady Hallab is an Experienced Manager at PricewaterhouseCoopers LLP in Montreal. He focuses mainly on managing and directing enterprise risk management programs and acts as a risk advisor for evaluating and recommending risk solution best practices for a wide range of private, public and government organizations.
Link of the recorded session published on YouTube: https://youtu.be/GRj_GdIqIo4
Alex Sidorenko at IDA International Risk Management Conference 2017 - DenmarkAlexei Sidorenko, CRMP
Alex Sidorenko at IDA International Risk Management Conference 2017 - Denmark. 4 future trends in corporate risk management. Alternative take on ERM implementation
PSD Operational Risk Event - June 2016 PSD Group Ltd
PSD's Banking & Financial Services sector recently hosted a forum to explore risk management in smaller banking firms.
Dr Ariane Chapelle, Director of Chapelle Consulting, was the key note speaker, giving a thought provoking presentation.
Татьяна Будишевская
Старший менеджер Deloitte
Современная методика оценки культуры управления рисками в организации
Практические инструменты внедрения риск-культуры
G31000 RMM helps organizations assess alignment to ISO31000 principles and current maturity level and to develop a roadmap for continuous improvement.
Global Institute for Risk Management Standards is a network of over 65,000 risk management experts across the world, more than 1000 people has been ISO31000 certified risk professionals.
G31000 Risk Management Maturity Model is the only globally recognized model that has been designed to closely align with the ISO31000:2009 principles.
Focuses not on formal elements of risk management but on the integration of risk management into activities, decision making and culture.
Created by a global team with extensive knowledge in risk management and risk maturity models.
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...Resolver Inc.
Copyright notice: The following slides are intended for professional use within an organization for discussion purposes only. Any other uses or modifications are strictly prohibited.
Any organization is an assembly of people: people who take risk as they manage and direct the enterprise; people who decide how much risk is acceptable or even desirable; and provide oversight of the management of risk across the extended enterprise.
Organizational culture has been the topic of study for many years.
• “Culture is how organizations ‘do things’.” — Robbie Katanga
• “Organizational culture is the sum of values and rituals which serve as ‘glue’ to integrate the members of the organization.” — Richard Perrin
Richard Anderson and Norman Marks share their views on this complex subject. They cover:
• What is the difference between the “risk” culture and the “organizational” culture? How can it be analysed?
• Who takes risk, and who should be responsible for deciding how much risk to take?
• Is there such a thing as a single risk level?
• Why do so many of us take different views of exactly the same risks? How does an organization decide which view is “right”?
• Is one person’s risk another’s opportunity?
• What about when the actions of one impact the success of another?
Andy Cox
Director Control Risks, UK
Новое исследование Control Risks на тему управления рисками и бизнес устойчивости в мире. В рамках исследования оценивается способность организаций идентифицировать, анализировать риски и разрабатывать адаптивные стратегии управления рисками
From Bolt-on to Built-inManaging Risk as an Integral Part of Managing an Organization
New Horizons in Corporate Risk Management April 5, 2016 Moscow, Russia
Vincent Tophoff, International Federation of Accountants (IFAC)
Dr. Frank Herdmann
Chairman ISO/TC 262 AG 1
Лучшие практики внедрения риск-ориентированного мышления в Германии
Почему бизнесу не стоит управлять рисками интуитивно и чем может быть полезен риск-менеджер
Integrating Risk Management Processes into Decision Making Case Study of the University of California
Erike Young, MPPA, CSP, ARM-EVice-Chair, U.S. TAG to ANSI for ISO TC262--Risk Management (ISO 31000)
ISO 31000, a risk management standard for decision-makers
Alex Dali, MBA, ARM, CT31000
President
Global Institute for Risk Management Standards - G31000
Alex Sidorenko talks about some of major mistakes risk community made in implementing ERM and why we are making exactly the same mistakes now with digital risks.
How can we explain risk management in a way that connects with how people run the business? One part of the solution is to talk in English rather than techno-babble.
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksAronson LLC
Significant opportunities remain for organizations to continue to strengthen their approaches to identifying and assessing key risks. This program will provide an overview of Enterprise Risk Management (ERM) best practices and current emerging risks that should be on your radar for 2018.
Watch the complete webinar here: https://aronsonllc.com/c-suites-guide-to-enterprise-risk-management-and-emerging-risks/?sf_data=all&_sft_insight-type=on-demand-webinar
Татьяна Будишевская
Старший менеджер Deloitte
Современная методика оценки культуры управления рисками в организации
Практические инструменты внедрения риск-культуры
G31000 RMM helps organizations assess alignment to ISO31000 principles and current maturity level and to develop a roadmap for continuous improvement.
Global Institute for Risk Management Standards is a network of over 65,000 risk management experts across the world, more than 1000 people has been ISO31000 certified risk professionals.
G31000 Risk Management Maturity Model is the only globally recognized model that has been designed to closely align with the ISO31000:2009 principles.
Focuses not on formal elements of risk management but on the integration of risk management into activities, decision making and culture.
Created by a global team with extensive knowledge in risk management and risk maturity models.
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...Resolver Inc.
Copyright notice: The following slides are intended for professional use within an organization for discussion purposes only. Any other uses or modifications are strictly prohibited.
Any organization is an assembly of people: people who take risk as they manage and direct the enterprise; people who decide how much risk is acceptable or even desirable; and provide oversight of the management of risk across the extended enterprise.
Organizational culture has been the topic of study for many years.
• “Culture is how organizations ‘do things’.” — Robbie Katanga
• “Organizational culture is the sum of values and rituals which serve as ‘glue’ to integrate the members of the organization.” — Richard Perrin
Richard Anderson and Norman Marks share their views on this complex subject. They cover:
• What is the difference between the “risk” culture and the “organizational” culture? How can it be analysed?
• Who takes risk, and who should be responsible for deciding how much risk to take?
• Is there such a thing as a single risk level?
• Why do so many of us take different views of exactly the same risks? How does an organization decide which view is “right”?
• Is one person’s risk another’s opportunity?
• What about when the actions of one impact the success of another?
Andy Cox
Director Control Risks, UK
Новое исследование Control Risks на тему управления рисками и бизнес устойчивости в мире. В рамках исследования оценивается способность организаций идентифицировать, анализировать риски и разрабатывать адаптивные стратегии управления рисками
From Bolt-on to Built-inManaging Risk as an Integral Part of Managing an Organization
New Horizons in Corporate Risk Management April 5, 2016 Moscow, Russia
Vincent Tophoff, International Federation of Accountants (IFAC)
Dr. Frank Herdmann
Chairman ISO/TC 262 AG 1
Лучшие практики внедрения риск-ориентированного мышления в Германии
Почему бизнесу не стоит управлять рисками интуитивно и чем может быть полезен риск-менеджер
Integrating Risk Management Processes into Decision Making Case Study of the University of California
Erike Young, MPPA, CSP, ARM-EVice-Chair, U.S. TAG to ANSI for ISO TC262--Risk Management (ISO 31000)
ISO 31000, a risk management standard for decision-makers
Alex Dali, MBA, ARM, CT31000
President
Global Institute for Risk Management Standards - G31000
Alex Sidorenko talks about some of major mistakes risk community made in implementing ERM and why we are making exactly the same mistakes now with digital risks.
How can we explain risk management in a way that connects with how people run the business? One part of the solution is to talk in English rather than techno-babble.
C-Suite’s Guide to Enterprise Risk Management and Emerging RisksAronson LLC
Significant opportunities remain for organizations to continue to strengthen their approaches to identifying and assessing key risks. This program will provide an overview of Enterprise Risk Management (ERM) best practices and current emerging risks that should be on your radar for 2018.
Watch the complete webinar here: https://aronsonllc.com/c-suites-guide-to-enterprise-risk-management-and-emerging-risks/?sf_data=all&_sft_insight-type=on-demand-webinar
While critical control frameworks are becoming increasingly common in mines and quarries in NSW, effective implementation of these frameworks can be hampered by an inadequate grasp of the necessary data inputs, indicators and human psychology that govern whether the framework will create the intended outcome. As statutory mechanical officials in mines and quarries in NSW, assuring the effectiveness of critical risk controls can significantly reduce blidspots and improve your ability to know where you stand in relation to critical control effectiveness. This presentation will elevate your ability to:
• Identify and address complexity risk in developing critical control frameworks
• Recognise and respond to cognitive bias to maximise the performance of critical control frameworks
• Evaluate and apply key risk indicators and risk tolerances in order to effectively and honestly measure the performance of critical control frameworks.
Engaging leaders and managers in risk managementGideon Bernto
A fun and rewarding way of quickly getting to grips with the plethora of risks faced by business. People learn how to interpret the risk matrix and prioritise their risks and mitigation strategy accordingly. However, they have limited resources and can't afford to do everything that they may want.
Enterprise Risk Management and SustainabilityJeff B
An overview of our endeavors at implementing ISO 31000 enterprise risk management and the importance of establishing good risk culture within the company.
This webinar was about ISO 9001:2015 changes and enterprise risk management. It mentioned how risk management actually contributes to the organization’s value and QMS. It also described the benefits of implementing enterprise risk management.
Main points covered:
• Where to start?
• What is in and what is out?
• How to win top management support?
Presenter:
This webinar was presented by Eddie de Vries, a PECB ISO 31000 Certified Risk Manager and Trainer with 20 years’ experience in Quality Management and more than 12 years’ experience in Enterprise Risk Management.
Link of the recorded webinar published on YouTube: https://youtu.be/PLHx57ZPo30
Aligning strategy decisions with risk appetite
Presented by David Shearer
Monday 10th October 2016
APM North West branch and Risk SIG conference
Alderley Park, Cheshire
PECB Webinar: ISO 31000 - The Benchmark for Risk Management in uncertain timesPECB
The webinar covers:
• Overview of ISO 31000 and how this standard implies threats but opportunities as well
• Risk-based thinking as an integral part of ISO 9001:2015 and ISO 14001:2015
• Principles, processes and framework of ISO 31000
• How organizations can reduce uncertainty, seize opportunities and treat risks
Presenter:
This session will be presented by PECB Trainer Jacob McLean, Principal Consultant and Managing Director of Kaizen Training & Management Consultants Limited.
Link of the recorded session published on YouTube: https://youtu.be/MVBMM6X3Vgw
Similar to Норман Маркс на форуме World Class Risk Management 2017 (20)
Recruiting in the Digital Age: A Social Media MasterclassLuanWise
In this masterclass, presented at the Global HR Summit on 5th June 2024, Luan Wise explored the essential features of social media platforms that support talent acquisition, including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok.
An introduction to the cryptocurrency investment platform Binance Savings.Any kyc Account
Learn how to use Binance Savings to expand your bitcoin holdings. Discover how to maximize your earnings on one of the most reliable cryptocurrency exchange platforms, as well as how to earn interest on your cryptocurrency holdings and the various savings choices available.
The world of search engine optimization (SEO) is buzzing with discussions after Google confirmed that around 2,500 leaked internal documents related to its Search feature are indeed authentic. The revelation has sparked significant concerns within the SEO community. The leaked documents were initially reported by SEO experts Rand Fishkin and Mike King, igniting widespread analysis and discourse. For More Info:- https://news.arihantwebtech.com/search-disrupted-googles-leaked-documents-rock-the-seo-world/
Top mailing list providers in the USA.pptxJeremyPeirce1
Discover the top mailing list providers in the USA, offering targeted lists, segmentation, and analytics to optimize your marketing campaigns and drive engagement.
Event Report - SAP Sapphire 2024 Orlando - lots of innovation and old challengesHolger Mueller
Holger Mueller of Constellation Research shares his key takeaways from SAP's Sapphire confernece, held in Orlando, June 3rd till 5th 2024, in the Orange Convention Center.
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
LA HUG - Video Testimonials with Chynna Morgan - June 2024Lital Barkan
Have you ever heard that user-generated content or video testimonials can take your brand to the next level? We will explore how you can effectively use video testimonials to leverage and boost your sales, content strategy, and increase your CRM data.🤯
We will dig deeper into:
1. How to capture video testimonials that convert from your audience 🎥
2. How to leverage your testimonials to boost your sales 💲
3. How you can capture more CRM data to understand your audience better through video testimonials. 📊
3. The Risk Manager’s List
3
1. You might get run over by a car
2. You might get run over by a bicycle
3. Your home may be burglarized while you are out
4. You might be mugged
5. You might be shot in a drive-by shooting
6. A lot of bad things might happen
4.
5.
6.
7. “Only xx% of [C-level] respondents
believe their risk management
processes support, at a high level,
the ability to develop and execute
business strategies”
Deloitte: Exploring Strategic Risk
7
8. “Only 13% of [C-level] respondents
believe their risk management
processes support, at a high level,
the ability to develop and execute
business strategies”
Deloitte: Exploring Strategic Risk
8
9.
10. The Upgraded Risk Manager’s List
10
1. You might get run over by a car
2. You might get run over by a bicycle
3. Your home may be burglarized while you are out
4. You might be mugged
5. You might be shot in a drive-by shooting
6. A lot of bad things might happen
1. If you work you can earn money
2. You can meet your wife for lunch
3. You can pick up your children after school
4. I can get groceries and be able to eat
5. Getting exercise is healthy
6. A lot of good things might happen
11. The Upgraded Manager’s List
11
1. You might get run over by a car
2. You might get run over by a bicycle
3. Your home may be burglarized while you are out
4. You might be mugged
5. You might be shot in a drive-by shooting
6. A lot of bad things might happen
1. If you work you can earn money
2. You can meet your wife for lunch
3. You can pick up your children after school
4. I can get groceries and be able to eat
5. Getting exercise is healthy
6. A lot of good things might happen
16. Why We Need to Manage Risk
The purpose of managing risk is to increase
the likelihood of an organization achieving
its objectives by being in a position to
manage threats and adverse situations and
being ready to take advantage of
opportunities that may arise.
National Guidance
on Implementing ISO 31000:2009
From NSAI in Ireland
16
24. 24
Why risk management?
“An effective [ERM] capability provides value
by giving organizations the confidence to take
on risk, rather than avoid it.
- Consultancy firm
25. 25
Why risk management?
“By effectively managing the right risks,
management has more timely,
comprehensive and a deeper
understanding of risk which, in turn,
facilitates better decision-making and
confidence to take on new ventures or
even to accept higher levels of risk.
- Consultancy firm
26. 26
Why risk management?
“The upshot of this investment
includes a greater competitive
advantage, reduced cost of capital
and a steady share price.”
- Consultancy firm
27. 27
Why risk management?
Better information leads to:
Better decisions
Protection of value
Seized opportunities
Agile, optimized performance
28. 28
Drive business results
“In an increasingly competitive, fast-paced
world, organizations need to continually
advance their risk management practices,
building on the strong foundation of protection
and compliance into an expanded focus on risk
factors that impact strategic decision-making
and operational performance.”
- Consultancy firm
29. 29
Drive business results
“We believe a paradigm shift in risk management is
beginning, which is:
• Tied to the increasingly complex world in which
companies now operate
• Based on the awareness that uncertainty is
embedded in (and impacts) everything we do
• Focused on both capturing upside opportunities
as well as protecting the business.”
- Consultancy firm
30. 30
Drive business results
“You need [risk management] to become part of
the rhythm of the business: meaning within the
flow of strategic and business planning,
operations, oversight and monitoring that runs
from the board to the line.”
- Consultancy firm
31. 31
Drive business results
“There are several key business processes, and structural and
functional components that make up this rhythm of the business,
working together to deliver business value creation. Within these
components of the business, we see four basic business process
suites:
• Strategic oversight and planning — board and executive
management level activities
• Business level planning/budgeting — management translation
of strategies into business plans and allocation of capital
• Operational execution — value creating implementation of
plans and strategies
• Monitoring and compliance — audit and compliance activities.”
- Consultancy firm
32. 32
The risk management process
Establish the context
Identify risks
Analyse risks
Evaluate risks
Treat risks
Communicateandconsult
Monitorandreview
Used by every manager for every decision
33. 33
Upgraded risk management process
• Anticipate what might happen
• Analyze the possibilities
• Is there a problem?
• What are the options?
• Which is best?
• Decide
• Act
• Review/monitor/learn
34. When do you manage risk?
• Every day
• Across the enterprise
• In every decision
• But….. Periodically take stock
35. How does the Risk Manager help?
• Periodic review, yes – BUT!!
• Process, systems, to enable informed
decisions every day by everyone
• Help everybody manage risk
• Help everybody succeed
35
36. 36
When Risk Management focuses
on the Negative
It fails to focus on the Positive
and Fails to help the organization
Succeed
37.
38. World-Class Risk Management
• How confident are you in the information you
provide about risk?
• Is it reasonably accurate and complete?
• Does it provide an acceptable basis for
decision-making?
39. Risks to Risk Management
• Not every executive or board member
embraces and embodies risk management
• Normal human bias when considering risk
• An unwillingness to accept reality
• A reluctance to recognize and seize an
opportunity because of a fear of taking risk
• A reluctance to communicate changes in risk
levels for fear of retribution
39
40. Risks to Risk Management
• Failures to detect subtle changes in the
business environment
• Risk management processes running slower
than the speed of risk
• Excessive centralization or red tape
bureaucracy
• Insufficient, unreliable, or unclear information
• Changes in personnel
40
41. Risks to Risk Management
• The inability to adapt risk management
methods as the business changes
• Competing attention for management time
• Decisions made in a rush
• The deliberate violation of risk guidance
• Failures of internal control
41
42. Risks to Risk Management
• Errors of judgment and simple mistakes
• …and so on
42
43. Risk Reporting
• List of top risks
–Does it help the board and
management make decisions?
–Does it tell you whether you will
achieve objectives?
• Heat map
–Same questions
43
48. 48
Objectives and their Risks
Projected Achievement
Fall Short Achieve Exceed
Business
Objective
YTD
Performance
>7.8% 7.8%-
8.2%
<8.2%
Maintain
employee
turnover at 8%
per annum 8.15% 15% 80% 5%
49. Risk management in real life
• Select vendor(s) of critical materials
• Objectives:
– Cost management
– Quality products
– On-time delivery
49
50. 50
Options
• Single vendor
– Lower cost
– More important customer to vendor
– Risk of disruption
– Risk if vendor disappoints
51. 51
Options
• Two vendors
– Higher cost
– Less important customer to vendor
• May increase prices
• May affect deliveries
– Risk of disruption reduced
– Risk if vendor disappoints reduced
52. 52
Options
• Three or four vendors
– Highest cost
– Much less important customer to vendor
• May increase prices
• May affect deliveries
– Risk of disruption reduced
– Risk if vendor disappoints reduced
53. The selection
• Involved all affected parties
• Considered each option
• Not a matter of a single risk
• Which option, considering all potential effects,
would be best?
• An enterprise level risk appetite statement
would have no value
53
54.
55. 55
The risk practitioner and the executive
• We share the same goal – performance
• Talk the same language
• Move from ‘no’ to ‘how’
• Management need information and process
• Help assess what might happen, alternatives
• Help managers make intelligent, informed
decisions
• Help them succeed!
56. 56
ASSESS AGAINST ISO 31000 PRINCIPLES
Creates and protects value
An integral part of organizational processes
Part of decision-making
Dynamic, iterative, responsive to change
Tailored
58. ASSESS IN REAL LIFE
What is the likelihood of
achieving enterprise objectives?
Is that OK?
What can we do to improve the
Extent and Likelihood of
Success?
What will we do?
60. 1. INSERT KEY INTO IGNITION
2. SHIFT INTO DRIVE
3. PRESS FOOT FIRMLY ON THE
THROAT OF MEDIOCRITY
61. THANK YOU!
Norman Marks, CPA, CRMA
Author; Evangelist for Better Run Business; OCEG Fellow;
Honorary Fellow of the Institute of Risk Management
nmarks2@yahoo.com
https://iaonline.theiia.org/norman-marks
http://normanmarks.wordpress.com/
Twitter: @normanmarks