In this blog we discuss the consequence matrix and in particular the rating that you should apply for those consequences.
This blog post explains how we derive risks treatments from particular risks and can you reduce the likelihood of that risks by adding more treatments?
Risks can fall upon multiple functional areas. This blog post covers shared risks and the challenges that arise for organisations in risk management.
In previous blogs we have talked about risk events, in this blog we discuss how to frame risk.
A lot of times organisations have fraud registers and fraud risk registers, but are they actually managing the risk? In this blog we explain how they should focus their efforts in identifying fraud-hot spots.
Monitor and review helps the risk management process by continuously determining the level of risk and priority to the organisation
The risk registry helps organisations effectively manage their risks. This blog post outlines what should and shouldn’t be included in a risk registry.
Accountability is an important part of risk management with three categories of risk owners. In this blog we discuss the emphasis of risk ownership and how effectively that risk is managed.
Some of the topics in the next the e-book, which will come out early next year. include consequence base risk identification, consequence based risk reporting, consequence based auditing.
In this session, what I am going to talk about and expand on, is something I have talked about before which is the effectiveness of current controls. As I said in a previous blog, the effectiveness of your current controls that you have in place in your organisation is going to determine how likely a particular event is likely to occur.