Risk

When identifying your organization's strengths, weaknesses, opportunities, and threats, be prepared to ask the heard questions. Once you've got an honest and objective analysis at hand, then comes the hard part: putting your findings into action. Jim DeLoach offers a guide for getting the most out of a SWOT analysis.

Volkswagen, a long-trusted and highly respected brand, will be dealing with the fallout of its emission scandal for quite some time. It's clear to everyone that their massive deception is inexcusable, but we'd do well to remember that the hugest transgressions happen one failure in decision making at a time. Volkswagen's was likely born out of panic.

The good folks at On Call International have shared with the CCI community before about "duty of care," a company's responsibility for keeping its employees safe as they travel on business. This piece explores the other side of the issue: the employee's responsibility. Planning and crisis management only go so far if employees are willfully engaging in risky behavior.

When it comes to building enterprise value, the status quo doesn’t even have a place in the conversation. Value creation goes hand-in-hand with risk, but the risk management function doesn't have to stand in the way of innovation. Jim DeLoach suggests there are two ways of thinking about risk management within this context...

COSO's Enterprise Risk Management Integrated Framework has become something it was never intended to be; as a risk management standard, it fails for at once being too broad (robust risk management programs would be far more effective) and too narrow (in its focus on internal controls as the primary risk management tool). It's time to adopt a multidisciplinary approach.

Lots of change has taken place in risk management over the past three decades. The kinds of risks organizations are exposed to, the speed at which they must respond, the very way we approach enterprise risk management -- all look entirely different than they did in 1985. Jim DeLoach outlines where we've failed and what we can learn from those...

Author Jim DeLoach explores four themes for implementing enterprise risk management (ERM), noting that executives often ask two questions about ERM: “Where do we start?” and “What do we do differently?” These two questions demand a pragmatic response, which DeLoach provides in this compilation of thought leadership articles.

Once upon a time, records and information management was a fairly straightforward concept. Things began to get quite complicated, however, as employees began using mobile devices (often their own) for business purposes. As the size and volume of the data we store has increased, so too have our options for storing it. So many options. So many challenges.

There are some crises you can predict and plan for, and there are some you can't. Surprises such as an earthquake or a sudden medical emergency are stressful enough when you're in the comfort of your hometown -- even more so when you're traveling for business. Companies can prepare themselves for dealing with these crisis, however. Practice makes perfect!

This year's Compliance Week conference was rife with excellent speeches from compliance experts. Tom Fox shares with us the highlights of one presentation from Baker Hughes' Marianne Ibrahim and Jennifer Ellison, whose address on planning for audits was truly illuminating. A must-read piece for any practitioners establishing or tweaking their audit protocols.

Risk culture - a reflection of a company's goals and values - evolves as the organization does. That's not to say that it can be ignored; on the contrary, it should be regularly evaluated and improved. Jim DeLoach outlines a myriad of ways executive management and the Board can make assessments and drive enhancements to risk culture.

Half the battle in combating fraud is detecting it early on, and -- as with many white collar crimes -- fraud is rarely carried out by one wayward staff member acting alone. A huge percentage of cases, in fact, are perpetrated by two or more players collaborating together. In order to catch suspicious activity, then, it makes sense to watch...