by clicking the arrows at the side of the page, or by using the toolbar.
by clicking anywhere on the page.
by dragging the page around when zoomed in.
by clicking anywhere on the page when zoomed in.
web sites or send emails by clicking on hyperlinks.
Email this page to a friend
Search this issue
Index - jump to page or section
Archive - view past issues
GRC Professional : GRC Autumn 2013
RISK MANAGEMENT 19 DIRECTORS AND SENIOR MANAGEMENT are intelligent people who are committed to their job, but they do need a sophisticated understa nding of many management elements, from financial and strategic to the operating environment and competitive landscape, and importantly, risks and opportunities for the organisation in the short and long ter m. However, can they honestly claim to truly understand the reporting they are presented with or the risk appetite of the organisation? Their understanding of risk management reporting is cr ucial on several levels: • They may not always understand the technical detail, but they should be comfortable with the assessment and mitigation strategies for their key risks. • They should also be satisﬁed that the key risks have been accurately identified -- perhaps even taking an active debating role, to ensure everyone is across the organisation's strategy and objectives. • They should be able to discer n the difference between a risk that is quantifiable and analysable and those that are more 'uncertain'. • They should also recognise that operating in an environment where the execution of activities is dependent on hum an behaviour, as with many areas of operational risk, can render some of the evaluations less quantifiable, 'provable' or certain, because of the 'human element', and this should be taken up in the analysis. You may have to dispel the assumption that part of your role is to 'manage' all of the risks or minimise them. Some risks should be embraced, monitored and tackled head on. Others may be opportunities that they may want to prepare for, to be ready to take advantage of them (should they occur) further down the track. It should be clear what the nuances and benefits risk management can provide are, as well as its limitations. While you understand what they do and what their reports mean, the vital question is whether you can be certain that who you report to also understands. Engaging board in risk management Of all the things a risk manager does, communicating and reporting to the Board and senior management, and obtaining engagement, mandate and commitment from that level, can be one of the biggest challenges.
GRC Summer 2013