In the series A Song of Ice and Fire which begins with the book A Game of Thrones, by George RR Martin, we are introduced to the Wall and the Night’s Watch. The Wall is an immense fortification on the northern border of the Seven Kingdoms that defends the realm from “what lies North [...]
Posts Tagged ‘audit’
The Night’s Watch and the Wall of risk management
Posted in My Opinions, Risk management, Books, leadership, tagged audit, risk management, CRO, A Game of Thrones, Night's Watch, Westeros, Wall on January 20, 2012 | Leave a Comment »
The iPhone 4S of enterprise risk management
Posted in Thought Leadership, My Opinions, Risk management, Frameworks, tagged ERM, audit, risk management, PwC ERM, change management, iPhone, Black Swan, leadership, Taleb on January 18, 2012 | 1 Comment »
Last year Apple released the iPhone 4S and critics pointed out it was pretty much the iPhone 4 with a big-s glued on. Although there were some minor improvements from the iPhone 4, overall it was pretty much the same phone. After reading the ERM white paper “Black Swans Turn Grey” from PwC, it [...]
When treating a risk creates another risk and so on and so on
Posted in Books, ERM Basics, Humour, Lean Six Sigma, My Opinions, Risk management, tagged audit, Bryson, impact, likelihood, Luftwaffe, mitigate, risk management, risk treatment, spreadsheet risk on June 21, 2011 | 3 Comments »
Sometimes in an effort to treat an issue, we generate a different risk or increase an existing one in the process. Many of us can relate to when the internal auditors come in, look at existing processes and weak controls and “strongly suggest” that management fix the problem. Quickly. Management’s solution is often a series [...]
Leech shares his thoughts on the Board oversight of risk
Posted in Frameworks, Thought Leadership, tagged audit, COSO ERM, disclosure, Norman Marks, regulatory risk, SEC, Tim Leech on December 18, 2009 | Leave a Comment »
Please have a read at what Tim Leech has to say about the SEC’s new enhanced proxy disclosure requirements and new rules around the Board oversight of risk, in his IIA blog found here: http://www.theiia.org/blogs/leech/index.cfm/post/New%20U.S.%20Disclosures%20-%20Board%20Oversight%20of%20Risk He notes that while you will benefit by reading this document, it is not recommend for fireplace reading during the [...]
Internal audit is not risk management even in New Zealand
Posted in My Opinions, tagged 4360, audit, Marsh, New Zealand, risk on November 19, 2009 | 1 Comment »
Keeping with today’s theme “internal auditors are not risk managers”, here’s something I quite enjoyed courtesy of a report from Marsh in New Zealand called The 2008 State Sector Risk Management Practices Report. Page 17 it reads: Internal Auditors play an important role in evaluating the risk management processes of an organisation and advocating their [...]
Internal auditors get my goat
Posted in My Opinions, tagged audit, COSO ERM, Enron, goat, Sarbanes-Oxley on November 19, 2009 | Leave a Comment »
Here’s one of those articles that would get my goat if I owned a goat. It’s the typical rah-rah article about how wonderful ERM is and everyone should be doing it. (I am always a proponent of those.) But the fact that it was published at a site called WebCPA should have tipped me off [...]
Spreadsheet risks (a comedy of errors)
Posted in Risk management, tagged audit, causal chain, Forrester, spreadsheet risk on September 8, 2009 | 3 Comments »
Here is a pretty good read by Forrester called “Controls to Mitigate Spreadsheet Risk” about the risks inherent in using spreadsheets; it includes a list of common spreadsheet risks including these: Lack of audit trail Poor security and access controls History of errors and fraud Many of these are root causes of downstream outcomes like [...]
Risk Management is not Internal Audit
Posted in ERM Basics, Risk management, tagged audit, control, ERM, zombie on August 25, 2009 | Leave a Comment »
Risk management is looking forward Risk management is when you are driving your car on a foggy night and you cannot see more than 10 feet in front of you – there may be something out there: perhaps a deer, another vehicle or a zombie hitchhiking. But you don’t know when or if you will [...]
