Risk Tip # 7 – Risk Ownership- let’s turn it on its head
For too long, risk ownership has been pushed down to the lower levels of organisations in the belief that ownership of the risks should reside with managers that own the specific functions. On the surface, that may seem reasonable and appropriate, however, over the last few months I have taken a different view that may […]
Cyber Attack is not the Risk
Reports emerge on a regular basis of attacks that have impacted government and private sector organisations alike. Insurance firms now offer policies to protect against cyber-attack and the Australian Government has even appointed a special advisor to the Prime Minister on cyber security. Not to mention that consulting companies with a speciality in all things […]
Paladin and Soldier On reach significant milestone
Recently, Paladin Risk Management Services provided a course to the 50th participant to come through the program with Soldier On. Set up in 2016, the program provides free courses to any member of Soldier On who has been affected by their service, whether physically, mentally or both. I am extremely proud of this association. As […]
Paladin’s Ten Year Anniversary
I am celebrating 10 years of Paladin Risk Management Services. In this podcast I reflect on how risk management has developed over those 10 years and some of the challenges still facing organisations. I’m looking forward to the next ten.
RIP ISO 31000??
In 2009, the ISO 31000 Risk Management Principles and Guidelines was released with much fanfare. It was hoped that the introduction of an international standard would provide legitimacy to risk management and standardise approaches across the world. There was an opportunity for those conducting the review of ISO 31000 (draft released in March 2017) to […]
Risk Tip #6 – Managing Shared Risk
I have often been asked to provide insight into the management of shared risks, particularly by those working in Commonwealth Government Departments. Element 7 of the Commonwealth Risk Management Policy states that: each entity must implement arrangements to understand and contribute to the management of shared risks. It goes onto to define shared risks as: […]
Risk Tip #5 – Hungry to understand risk appetite?
I have watched with significant interest and with quiet amusement over the last few years, at the rise and rise of risk appetite. The emphasis on risk appetite in on-line risk forums would lead you to believe that without risk appetite being defined, it is impossible to manage risk. Most guidelines and standards for risk […]
Risk Tip #4 – Communication and Consultation
The fourth in my risk tip series addresses communication and consultation for an individual risk amongst stakeholders. Stakeholders aiming for or in business for a common cause, will talk about communication, but just how many actually fathom the breadth of the stakeholder community for an individual risk? It is certainly part of the risk management […]
Risk Tip #3 – Developing a Consequence Matrix
The third in my risk tip series is one that has arisen from my observations of consequence matrices over the last few years. This blog isn’t about how to assess consequence, but more importantly, what to assess it against. In Risk Tip #1 I addressed the issue of likelihood and how difficult, if not impossible, […]
Risk Tip #2 – how do we measure control effectiveness?
Measuring control effectiveness is difficult for many organisations (if not most). What worries me is how often I come across the ‘guess work’ that goes into measuring control effectiveness when what’s actually needed is evidence to prove the controls in place are right for the resources, budget and risk. What I find fascinating is that […]
