Operational Risk

Jun 26, 2018

COSO’s Take on the Three Lines of Defense

As risks begin to threaten the achievement of company objectives, senior management must determine the appropriate way to respond. Responsibilities and duties must be clearly identified so individuals are aware of their roles in addressing these risks and controls. COSO developed the three lines of defense model that addresses how specific duties related to risks and controls could be assigned and coordinated within the organization to alleviate the threat. Ultimately, the model is designed to ensure individuals within each line of defense are aware of their full responsibilities and how these responsibilities fit into the organization's overall risk and control structure.

May 16, 2017

Why Teams Often Make Riskier Decisions Than Individuals (and What You Can Do About It)

Dr. Brad Kirkman, General (Ret.) H. Hugh Shelton Distinguished Professor of Leadership, NC State University Poole College of Management, Shares his insights about how decisions made by teams may actually introduce more risks than when decisions are made individually. He also provides tips for how to counter that concern.

Sep 27, 2016

Risk Identification and Risk Training

Phil Maxwell, Director of Enterprise Risk Management at The Coca-Cola Company shares risk identification techniques and Coca-Cola’s approach to ERM education and training.

Aug 2, 2016

Engaging Management in Risk Identification Processes

Scott Williams, Senior Director of ERM at the Lockheed Martin Corporation, shares techniques used across the organization to engage management in the identification of risks to the organization.

Apr 1, 2016

Supply Chain Risk Management

Supplier management has recently emerged as an important area for risk management. As globalization has changed the business world drastically this past century, companies now have complex global networks from which they buy and sell products. Given this, Baylor University's Hankamer School of Business conducted research to determine supplier risk management practices. Their findings are based on interviews with 33 companies including KPMG, Johnson & Johnson, Coca Cola, and IBM to name a few. This abstract summarizes some of the key points in this document.

Jan 20, 2016

A Risk Manager’s Role in Strategic Leadership

A misalignment of risk priorities often exists between the risk manager and the executive decision makers. What can risk managers do to help them establish their significance and contribution to the organization? As in almost any emerging field, risk management requires effective communication and robust contribution from all parties in order to extract the most value for the organization.

Oct 26, 2015

A Chief Compliance Officer’s Role in Risk Management

Risks, rules, and regulations: Can today's chief compliance officers keep up? It is commonly known that a company's ability to assess and manage risks to meet stakeholder expectations may ultimately determine the success or failure of an organization. Deloitte and Compliance Week, in their collaborative efforts, have administered a survey to annually assess corporate America's ability to keep up with these rising expectations and to address issues and concerns resulting from current trends.

Oct 1, 2015

Value Creation through Risk Management

Many companies have come to realize that risk management serves more than just a compliance function. In the ever-changing risk environment we live in today, risk management also serves to add value to the company. After conducting their Global Governance, Risk and Compliance Survey, EY published a white paper with a three-step approach to risk management.

Nov 1, 2013

Create Synergies between Risk Management and Internal Audit

Companies are always scanning the business landscape for the next way to get ahead, to gain a competitive advantage, and to take the next step, particularly in the area of risk management. Most companies have some form of risk management, whether the traditional silos or the more robust enterprise risk management, and their purpose ranges from protecting assets to pursuing opportunities. These same companies often have an over-looked, or at least underutilized asset, in their internal audit function. Internal audit understands the business operations and controls; however, they share a common goal with risk management, which is to improve the effectiveness of risk management. This common goal leads to a potential synergy that can help a company reach that next step in risk management. The Risk Insurance Management Society ("RIMS") and The Institute of Internal Auditors ("IIA") joint white paper highlights the why, the how, and the proof that leveraging your internal audit function in risk management can not only work, but work well.

Jun 19, 2013

ERP Implementation Risk: Managing Sources of Project Delays and Other Risk

Over the past two decades, enterprise resource planning (ERP) systems have allowed managers to utilize software to integrate information about projects across the enterprise. These systems are designed to integrate internal and external information, enhance the flow of communication and decision-making across an enterprise, and focus on business processes and functions. However, integrating information about operations all across an enterprise to make information more accessible and flow via an ERP system presents a number of significant risks. If issues arise at inopportune moments, they are compounded due to the interrelated nature of an ERP system. Protiviti developed a whitepaper that identifies and reiterates the importance of mitigating these risks to reduce post-implementation project costs.