Greg Hutchins - Thought Leader

Guest Post by John Ayers (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Introduction

Risk management involves the identification of risks, prioritization of the risks based on probability of occurrence and impact of occurrence, and mitigation plans to control the risks.  Once identified and prioritized the question then becomes which risks should be incorporated into the schedule and which ones should be included in the risk register?

The general rule of thumb I have used requires risks with a 50% or greater probability of occurrence to be incorporated into the schedule. The other risks are entered into the risk register. [Read more…]

Guest Post by Greg Hutchins (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

When evaluating risk response strategies, executive management along with process owners must align risk responses with the organization’s risk appetite, business objectives, costs/benefits, and overall risk strategy/tactics. Risk response strategies and tactics may involve: [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Introduction

There’s always a story that explains why an event is a “Black Swan” – after the fact. Where are the “Black Swan” prognosticators before events occur? I see “after the fact” articles and statements, such as, “we knew that was coming” or “we predicted this” – all after the fact. Generally projections and predictions seem never to hold sway until after the fact. Predictions and projections never seem to occur when the prognosticator specifies — is it just that the timing never seems to work out – until after the fact. From Nostradamus to the “Bible Code” we are enamored with predictions – after the fact. Does there seem to be a theme developing here? [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Exposure to threats, hazards, and risks leads to vulnerabilities that an organization must deal with.

Commonly these are addressed via a mitigation process. Once mitigation is accomplished, often times the organization feels that the risk, threat, hazard does not need to be revisited. However, as a result of the mitigation efforts on the part of the organization, the risks, threats, hazards reconfigure and re-emerge in a different form.

In order for mitigation to be successful, it has to be a constant and ongoing process that produces a resilience to the negative effects of risks, threats, and hazards that are realized. [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Unpredictability is the New Normal

As the world approaches 7 billion in population this year, there is an ever-increasing demand for food, energy and a voice in how things are run. How do these changes affect business continuity planners, you may be asking?

The simple answer is, they will have far-reaching effects on how business continuity planning is conducted.

No longer can we be satisfied with the assurance that our “hot site” is available, or that we can maintain business operations in the face of a pandemic; or that we can deal with the aftermath of a natural disaster. [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Introduction 

There exists an overabundance of guidance for conducting risk assessments. Yet, it seems that we still have difficulty in getting risk assessments to reflect the appropriate level of concern for the identified risks that we are assessing. We also tend to view risk in relation to the place where we are employed and the industry that we work in. When we look at risk assessment from this perspective it should be clear that we are missing the point precisely, or at best, are being too narrowly focused, when it comes to assessing risk for our organizations. [Read more…]

Guest Post by John Ayers (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Six Sigma is a powerful tool used to solve a problem or improve a process. The company (one of the 4 big defense companies) I worked for over 20 years lived, breathed and ate it every day. I became a six sigma specialist. For those readers not familiar with six sigma, I offer the following example to hopefully provide some insight into how it works and the benefits it offers.   [Read more…]