Risk management consultancy and training services
During the Banking Royal Commission, we have heard evidence of appalling behaviour by Australia’s major banks and financial planners from the past decade, including alleged bribery, forged documents, repeated failure to verify customers’ living expenses before lending them money, and selling insurance to people who can’t afford it. In one example, ANZ admitted at the royal commission that it doesn't actually verify a
Read MoreI have previously written in relation to the measurement of control effectiveness (Risk Tip #2- Control Effectiveness), but in this latest instalment of my Risk Tip series, I want to show why it is so important, not only in the management of risk, but also how it relates to the achievement of our organisational outcomes. Let’s start at the very
Read MoreI have discussed the importance of controls and their effectiveness to the risk management process in many forums including Risk Tip #2- Control Effectiveness. It is still my belief that the management of risk cannot be effective unless an organisation understands not only what controls are in place, but, more importantly, how effective they are. I have recently worked with
Read MoreRisk Tip # 10 – Post Event Analysis “We learn from history that we do not learn from history.” Georg Wilhelm Friedrich Hegel No matter how well an organisation manages risk, there will still be occasions where incidents occur i.e. risks are realised. In organisations without a well-structured risk management program, these events will likely be dealt with, but not
Read MoreMany organisations maintain an incident database to record the incidents that occur. What I have observed, however, is that the incident databases are not being used to their full effect in that there is no linkage to the risk register. This blog will describe why the linkage is so important and, how to get the most out of your incident
Read MoreOne of the plans that I see almost universally in government organisations, as well as in many large private companies, is the Fraud Control Plan. It’s usually in place to highlight the organisation’s approach to preventing, detecting and responding to fraud. In my experience, however, these documents just become shelf ware until the next time it is mandated that they
Read MoreIn mid-February KFC announced that it was shutting the majority of its stores across the UK and Ireland due to, of all things, a chicken shortage that was caused by the introduction of a new delivery contractor, that had taken over from an established food distributor that had worked with the fried chicken brand for some years. A crisis of
Read MoreI love reading risks treatments in risk registers – they are always so descriptive. Some of the treatments I have taken from risk registers over time are shown below: better communication; training in contract management; rolling fraud audit program; additional physical security; more management oversight and action; better change management; and/or recruit additional staff. increased monitoring and inspections; improved control
Read MoreOn Saturday 13th January 2018, the Hawaiian Emergency Management Agency (HEMA) sent out a missile alert: What followed were scenes of absolute fear, confusion and chaos as Hawaiians sought shelter where they could: under bridges, in underground shelters, with video even emerging of a father lowering his child into a drain so she would be shielded from any blast. Problem
Read MoreIt may seem obvious but, fundamental to the effective management of risk, it is essential that we actually understand what a risk is. From the outset let me be frank, I consider the definition of risk management in ISO 31000 (the effects of uncertainty on objectives) to be confusing, and, utterly ineffectual as a definition. I make this quite clear
Read More