New to this?

The ‘New to this’ stream is for you if you are coming into contact with audit or risk management without training or experience in those areas.

Most likely you are a line manager, executive or board member with a new challenge. Or perhaps you are contemplating a career change.

The ‘New to this’ content in the site is organised into series. You are never expected to know about anything that hasn’t been explained earlier within the series. If you have training or experience and don’t need everything explained from first principles, the Seen it all stream is for you. There are some links across streams, but they always open in a separate window.

These are the series that are ready and waiting for you if you’re New to this. There are more in the pipeline. Please reply with any special requests!

Risk in work unit business planning (Series index)

What is Risk Management? (Series index)

Risk is not a mysterious hypothetical substance. Unlike radioactive waste, it does not require a management system. You should never ask how much of it there is. Risk is nothing other than the possibility that your world might not end up the way you meant it to be. To manage risk is to understand and act on the effects of uncertainty on objectives. ‘Objectives’ are the preferred outcomes of an activity. ‘Effects’ can be positive or negative. ‘Uncertainty’ includes all kinds of unknowns, including unknown unknowns. ‘Act on’ includes many kinds of response.

Discrete risk management processes within an enterprise (Series index)

Risk management happens across the whole of any enterprise, whether or not it is formalised and explicit. Any discrete risk management process needs to have a definite scope. There may be multiple discrete risk management processes across the enterprise. Discrete and independent risk management processes are the work-horses within formal risk management, even if they are not recognised at all in ISO 31000 or COSO ERM.