CorprofitCorprofitCorprofitCorprofit
Ph: 1300 55 7475 Request Live Demonstration
    0
  •   was successfully added to your cart.
  • Home
  • About
    • About Us
    • Team
    • CorProfit pamphlet
  • Products
    • KnowRisk® Products
    • Risk Management and ERM
    • Report Design and Selection
    • Dashboard Reports
    • Top Risks Report
    • Key Business Risks
  • Modules
    • ISO31000
    • Compliance
    • Controls Self-Assessment
    • Managing Project Risks
    • Contracts Management
    • Internal Audit
    • Incident Reporting
  • Services
    • Strategic Risk Management Consultancy and Advice
    • Risk “Roadmap”
    • Implementation Services
    • Mentoring and Peer reviews
    • ERM Readliness and Diagnostic Services
    • Risk Management Traning Programs
    • System Integration
  • Case Studies
  • Blog
  • Publications
  • Contact

The Foundation to be Successful and avoid Failure to Implement Risk Management, ERM or GRC

    Home Blog The Foundation to be Successful and avoid Failure to Implement Risk Management, ERM or GRC
    NextPrevious

    The Foundation to be Successful and avoid Failure to Implement Risk Management, ERM or GRC

    By Ian Abrahams | Blog | 0 comment | 20 September, 2019 | 0

    The difference in a successful ERM implementation is in the approach.

    Having the right knowledge in “how to” ensures success.

    This article gives you the opportunity to self-assess, or health check your approach.

    What Comes to Mind for Top Managements?

    Imagine the day to day lives of top management;

    • Will our company performance stay the course, are our goods and services relevant in a world changing to counteract climate change, how open are we to internet hacking, or from left-field which competitor will take away our market share?
    • Or are we serving the community to the best levels of city life, roads and transport facilities, good governance, creating opportunities, stimulating competition, knocking out the potential for fraud and corruption?
    • At the operations level the security staff are validating access by staff and visitors, a compliance audit is coming up and shareholders are asking some questions.
    • As the CEO, I see the quarterly risk register reports, but what do they tell me about the real risks that I’m facing?

     

    It may be time to re-evaluate your Risk Management approach and objectives!

    Self-Assess the Value of Your Risk Management

    Top Management should expect Risk Management to add value;  but is this in subjective or objective ways?

    Asking the Right Questions helps you to form a view as to how much value Risk Management adds to your business.

    Self-assess your approach to Risk Management by answering these questions:

    Select a Score
    Question Brief Answer
    How confident are you, that you will succeed in implementing Risk Management?

    Before implementing, CorProfit’s research shows these need to be in place: Which of these is the best fit?
    They are driving Supportive Risk Function is Motivating
    Top Management Buy-in
    Competent Risk Management Function
    Comprehensive Risk Framework
    Robust Risk Software
    Before implementing, Cor Profit’s research shows these need to be in place: What do you think the current level of knowledge for each is?
    Best Practice Good Practice Developing
    Top Management Buy-in
    Competent Risk Management Function
    Comprehensive Risk Framework
    Robust Risk Software

    These questions go to checking the health of your Risk Management Yes No Not Sure
    Was a substantial change made to your Risk Framework Document in last 1 to 2 years?
    Have you re-evaluated your Risk Process to reflect increased learning and knowledge, in last 2 years
    Have you re-evaluated your Risk Matrix to reflect increased learning and knowledge, in last 2 years
    Were your Risk Registers uploaded from either Excel or another system to your current system
    Have you added at least 10% more risks since your initial upload to the current system
    Are you challenged to gain staff buy-in (they may struggle with the concept of Risk management or are too busy)
    Have you changed report formats and types of analysis in the last 1 to 2 years

     

    By answering each of the above, if there are more “No’s” than ‘Yes’s”, the chances are that your Risk Management has plateaued!

    Investing in the Right Approach to Implement Risk Management

    The best, the most value-adding form of Risk Management is to make it both Strategic and Tactical, rather than being Risk Assurance where most Risk Frameworks stand at.

    Your vision may be to have Risk Management as a strategic business strategy and be an effective decision-making tool to assist top management obtain better outcomes that lead to increased business performance and resilience that would not otherwise be possible.

    The level of success will be proportional to the investment made to set the vision, articulate the strategy and realise benefits through implementing Risk Management correctly in business units, projects and assets.

    If you treat Risk Management as an “expense” then it will tend towards Risk Assurance, which is another form of compliance and kept at a minimum.

    If Risk Management is treated as an investment, it will become embedded in the Strategic Business Plan and Strategic Projects, aimed at delivering these better and avoiding unnecessary wasted efforts.

    This is the New Frontier for Risk Management!

    Let’s look at the 4 aspects referred to above that need to be in place before you implement Risk Management.

    Before implementing, these need to be in place: Relative importance between the 4 Aspects
    Top Management Buy-in •     Management are generally supportive, delegating authority to the Risk Management Functions

    •     They look for good risk analysis and actions necessary to keep Strategic & Key Business Risks within Risk Tolerances and Risk Appetite

    Competent Risk Management Function •     It is obviously necessary for staff to be competent to just the levels necessary

    •     Knowledge comes through a well-designed roadmap that builds maturity

    Comprehensive Risk Framework •     A poor Risk Framework can’t lead to a good implementation

    •     The ISO31000 and other Standards are not published to inform you how to implement (it’s up to each organisation to define)

    Robust Risk Software •     The aim is to purchase software that you won’t outgrow

    •     If the Framework is comprehensive and capable of driving the Risk Management Implementation, you are likely to purchase the right software for you

     

    In relative terms, before implementing, of the 4 aspects, the Risk Framework is key-most.

    • The Risk Framework along with the Policy & Procedures demonstrate the Board’s commitment to Risk Management
    • The Framework explains how Risk Management is governed, measured, reported and improved upon over time
    • This does not require the Risk Management team, executive management and staff to be ‘boffin-heads’ at the start. Over time their knowledge will naturally improve
    • It’s not where you start that counts, but where you end that matters!
    • A good foundation is needed at that start.

    There’s a difference between a Risk Framework that is “theoretical” from one that is capable of being implemented. Don’t rely on the ISO31000 Standard or other Guidelines and Codes.  This can only come from experience.

    A more sophisticated Risk Framework will also describe a Maturity Pathway by which the Risk Process will evolve over time, starting in more simple ways and adding in more aspects as and when the organisation is ready for the next stage of maturity.  The value of this is that the organisation is less likely to meander down pathways that prove to be of little value, but rather to institute a basis for continuous improvement.

    Look for good precedence in the marketplace and treasure those who can bring good knowledge to you. 

     

    By Ian Abrahams

    Principal Risk Management Consultant, CorProfit

    BSc.Eng (Civil) MEngSc  CPEng  CPRM MIEAUST  MAIRM  MAIPM

    No tags.

    Ian Abrahams

    More posts by Ian Abrahams

    Related Post

    • CorProfit features in NZ Herald

      By designpluz | Comments are Closed

      In an article titled RWC: Roadshow boost for sofware company, Greg Ansley interviews CorProfit founder, Ian Abrahams about CorProfit’s involvement in the Rugby World Cup’s business roadshow in Australia in 2003. Click here to read the NZRead more

    • Enterprise Risk Management Africa 2012

      By designpluz | Comments are Closed

      CorProfit is pleased to be a sponsor at the Enterprise Risk Management Africa 2012 conference through their partner QuantiMetrics. High Profile speakers include Chief Risk Managers and Compliance Managers from some of the largest organisationsRead more

    • CorProfit featured in Mining & Technology Australia 2011

      By designpluz | Comments are Closed

      CorProfit was recently featured in Issue 3 of the magazine Mining & Technology Australia 2011. The first article describes how Discovery Metals in Botswana is successfully using ERM as a ‘one-stop-shop’ to address all major risk typesRead more

    • User Group Meeting 2012

      By designpluz | Comments are Closed

      CorProfit’s User Group Meeting has been announced and will be held in Sydney, Australia on: Thursday 2nd and Friday 3rd August, 2012 The NSW Trade & Investment Centre Level 47, MLC Centre Martin Place, SydneyRead more

    • User Group Conference 2013

      By designpluz | Comments are Closed

      CorProfit’s User Group Conference has been announced and will be held in Sydney, Australia on: Thursday 5th and Friday 6th September, 2013 Institute of Chartered Accountants Australia 33 Erskine Street Sydney, NSW 2000. (in theRead more

    • Corprofit Knowrisk Becomes a Member of Ozdocs Group of Companies

      By designpluz | Comments are Closed

      More resources, more knowhow, more innovation, there is good news from KnowRisk users. Corprofit KnowRisk has become a member of Ozdocs Group. Ozdocs Group acquired Corprofit-KnowRisk in January 2014. Many initiatives have been implemented since then. SomeRead more

    • Knowrisk User Group Agenda Announced 19 & 20 May 2014

      By designpluz | Comments are Closed

      The User Group is a Forum for users to meet and network, with Day 1 for exploring different uses to which KnowRisk supports your Risk Management as well as a broader ERM / GRC Strategy.Read more

    • Is Business Continuity Planning (BCP) just a subset of ISO31000?

      By designpluz | Comments are Closed

      ISO31000 was promoted as the level playing field for putting all types of risk into the “same pot” and seeing which ones broke through the surface to cause losses of some form or another. ISO31000Read more

    Leave a Comment

    Cancel reply

    Your email address will not be published. Required fields are marked *

    NextPrevious

    Archives

    • November 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • September 2019
    • May 2015
    • April 2015
    • March 2015
    • February 2015
    • January 2015
    • December 2014
    • July 2014
    • June 2014
    • May 2014
    • February 2014
    • June 2013
    • March 2012
    • October 2011

    Categories

    • Blog
    • Enterprise Risk Management
    • Internal Audit Management
    • Managing project Risks
    • News
    • Project Risk Management
    • Risk Management
    • Risk Management Analysis
    • Risk management COnsultant
    • Strategic Risk Management

    Contact Info

    • 1300 55 7475
      +61 2 8831 6319
    • sales@corprofit.com

    Our Products

    • KnowRisk® Products
    • Risk Management and ERM Reporting
    • Report Design and Selection
    • Dashboard Reports
    • Top Risks Report
    • Key Business Risks

    Other Links

    • About
    • Modules
    • Services
    • Case Studies
    • Contact

    Contact Us

    CorProfit
    Unit 2/7 Packard Ave
    Castle Hill NSW 2154
    T: 1300 55 7475
    E: sales@corprofit.com

    © Copyright CorProfit | Designpluz Web Development Sydney
    • Home
    • About
      • About Us
      • Team
      • CorProfit pamphlet
    • Products
      • KnowRisk® Products
      • Risk Management and ERM
      • Report Design and Selection
      • Dashboard Reports
      • Top Risks Report
      • Key Business Risks
    • Modules
      • ISO31000
      • Compliance
      • Controls Self-Assessment
      • Managing Project Risks
      • Contracts Management
      • Internal Audit
      • Incident Reporting
    • Services
      • Strategic Risk Management Consultancy and Advice
      • Risk “Roadmap”
      • Implementation Services
      • Mentoring and Peer reviews
      • ERM Readliness and Diagnostic Services
      • Risk Management Traning Programs
      • System Integration
    • Case Studies
    • Blog
    • Publications
    • Contact
    Corprofit
      0 items