Risk in work unit business planning: This topic has a tutorial series for those New to this, and a separate introduction and summary for those who have Seen it all. (Topic index)

What is Risk Management? (Topic index)

Risk is not a mysterious hypothetical substance. Unlike radioactive waste, it does not require a management system. You should never ask how much of it there is. Risk is nothing other than the possibility that your world might not end up the way you meant it to be. To manage risk is to understand and act on the effects of uncertainty on objectives. ‘Objectives’ are the preferred outcomes of an activity. ‘Effects’ can be positive or negative. ‘Uncertainty’ includes all kinds of unknowns, including unknown unknowns. ‘Act on’ includes many kinds of response.

Centralised or de-centralised risk management in your enterprise?

What is Enterprise Risk Management? What is a ‘risk management process’? Centralised and de-centralised approaches: ERM as an enterprise-level risk management process Centralised ERM Decentralised risk management processes throughout the enterprise Decentralised but standardised risk management processes through the enterprise. How you end up with one or the other The good and bad in each approach: The common problem is a long path from trigger event to enterprise outcome. ERM as a ‘top level’ risk management process is incomplete. Centralised ERM is ok, but has big problems. Decentralised risk management processes need an enterprise view created. Creating the enterprise view Decentralised but standardised risk management processes are not a solution. The bottom line: decentralised is smart, but there are conditions to meet.

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments are moderated from a sea of spam, so may not be published immediately. Email contact may get a quicker response.