Hurry Up and Slow Down

Guest Post by Joseph Paris (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

I just got off the golf course hitting 9-holes with my Pop, who is 84 years old.  God bless him, I hope he has many more rounds to play and I look forward to getting out as often as I can with him.  We played the En-Joie Golf Club; a stop on the PGA Tour from 1972 to 2005 when the BC Open was played there – and now, as the Dick’s Sporting Goods Open, which is a stop on the Champions Tour. 

It is unique in that the course is owned and operated by Broome County.  This means that anyone off the street can play a PGA course for municipal rates, which top-out at $49 for 18-holes with a cart on summer weekends (it can be less, depending on date, day of the week, and time). [Read more…]

Project Risk and Emergency Management: Response or Reaction

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

In project management we can’t always be in control of the environment around us.  We can only forecast rather than predict risk and despite our ‘reasonable’ or even ‘best’ efforts to mitigate risk; shit happens and emergencies ensue!  It’s not just physical emergencies but also those related to time and cost; overbudget or late projects can create an emergency for stakeholders. Perhaps it’s because we tend to look at the ‘big risks’ or the ‘top ten’ after some semiquantitative assessment but then fail to consider that risks can change with time as more information becomes available.  Or, maybe it is because only those risks that can be clearly defined and are ‘likely’ are communicated to the eyes and ears on the ground.  Those low probability, high impact risks can tend to slip under any risk radar.

Then there is the matter of ‘optimism bias’ and a belief that ‘nothing can go wrong’ or that ‘risk only happens to other people’. Or perhaps, it’s just a matter of management not appreciating what is going on and ‘taking their eye off the ball’. [Read more…]

The 2019 State of Risk Oversight

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

In my article in CERM Insights #240, I discussed the results of the risk survey conducted annually by the World Economic Forum.  The survey respondents are considered the economic elite.  The responses provide an indication of the concerns of the movers and shakers of business.  Consequently, the questions asked, and the risk concerns expressed are more policy oriented. [Read more…]

Changing the Game: Reputation Risk in the Cyber Era

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Merriam Webster Dictionary defines reputation as:

1a: overall quality or character as seen or judged by people in general

b: recognition by other people of some characteristic or ability has the reputation of being clever

2: a place in public esteem or regard: good name; trying to protect his reputation

Google Dictionary:

the beliefs or opinions that are generally held about someone or something.

“his reputation was tarnished by allegations that he had taken bribes”

a widespread belief that someone or something has a particular habit or characteristic.

“his knowledge of his subject earned him a reputation as an expert”

[Read more…]

ISO 31000:2018 Certification: The Next Big Thing!

ISO 31000:2018 is the world’s foremost risk management standard.  The Standard provides guidelines, principles, framework, and a process for managing risk.

The standard explicitly states that it should NOT be used for certification or registration.  But, it is.

So, what’s going on?  We can only speculate.  But, here goes:

We now live and work in VUCA (Volatility, Uncertainty, Complexity, Ambiguity) time.  More  companies want to be RISK audited and certified by an independent Certification Body (CB).

And, more CB’s are working to use ISO 31000:2018 as a standard for certification. [Read more…]

Trade War and Supply Chain Risk Management

For the last few months, I’ve been giving talks on the trade war between US and China.  A few of these talks have been in the US.  Others were skyped to China.

The bottom line is that trade between the US and China has been weaponized.

The Wall Street Journal on December 13, 2018 distilled the challenge:

“… it is questionable whether fragile globalized supply chains can thrive at all in an environment where the world’s two largest economies are disinclines to play by the rules, even their own.”

Our response is that risk (threats and opportunities) is the new lens by which end product manufacturers (brand owners) will have to view China off shoring, on shoring, and sourcing in general. [Read more…]

Conundrum: Global Warming – Electric Demand

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

We hear so much about global warming, climate change and disruptive weather these days.  It is often difficult to understand what is fact, truth and valid from hype, hysteria, and hyperbole.  Should we all be driving electric cars, not eating as much meat, using wind and solar; redefining our lives?  Or, should we forget about it and continue doing what we have been doing since the early days of the industrial revolution?  [Read more…]

Failing Projects – A Sum of All Fears

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

What is ‘the sum of all fears‘…apart from a Hollywood movie?  During WW2 Winston Churchill knew the risk of failure and he postulated that, even when courageous people amalgamate, they will know fear:

“…take the most gallant sailor, the most intrepid airman or the most audacious soldier, put them at a table together – what do you get? The sum of [all] their fears”. War is a much more serious endeavour than any civilian project but fear is fear.  If a project teeters into trouble the Project Team will fear failure.  They must then deal with this reaction and have the courage to overcome trouble and avoid failure. [Read more…]

Black Swans or Just Wishful Thinking and Misinterpretation

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

There seem to be a lot of sightings of “Black Swans” lately. Should we be concerned or are we wishfully thinking, caught up in media hype; or are we misinterpreting what a “Black Swan” event really is? The term “Black Swan” has become a popular buzzword for many; including, contingency planners, risk managers and consultants. However, are there really that many occurrences that qualify to meet the requirement of being termed a “Black Swan” or are we just caught up in the popularity of the moment? [Read more…]

Project Organizations – Harmony or Cacophony

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

In a galaxy far-far-away a Jedi Knight said, “Integrated Matrix” and, with a sweeping wave of his hand, the project organisation was immediately taken from the Dark side of chaotic confusion and the Force was with them…

This could be the end to a Star Wars movie about project management (LOL).  However, and with few earthbound Jedi project management practitioners, our project organisations are rarely perfect and not what they would claim to be. [Read more…]

Resilience and Enterprise Risk Management

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The term resilience is used in reports and studies by numerous government agencies and international institutions.  For instance, in 20014 the Organization forEconomic Cooperation and Development issued a report entitled “OECD Reviews ofRisk Management Policies: Boosting Resilience Through Innovative Risk Governance”.

In 2015, the Rand Corporation conducted a study to the UnitedStates Department of Energy.  It was entitled: “Measuring the Resilience of Energy Distribution Systems”.  Resilience is considered important by insurance experts. The National Academies of Sciences, Engineering and Medicine note the need for resilience when updating the National Highway System. This piece examines why it is important, what resilience means and its relation toEnterprise Risk Management (ERM). [Read more…]

Build Organizational Capacity and Capability for Free

Guest Post by Joseph Paris (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

I was coaching one of the national oil companies in the Middle East, offering mentorship to the director of their operational excellence program.  He was frustrated because he had invested considerable funds building a team of sixty Lean Six Sigma Black Belts over a nine-month period, and they had not yet worked on—much less completed—any project nor had they realized any benefit to the company.

Even worse, while these newly-minted Black Belts were sitting idle without the opportunity to use their new-found skillsets, some became frustrated themselves and left the company—taking the company’s investment with them. [Read more…]

ISO 31000 in Government: A Case Study

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

ISO 31000 is the International Enterprise Risk Management (ERM) framework developed in 2009 by the International Organization for Standardization (ISO).  Its use in government is increasing.  The reason for the increase is that governments around the world are recognizing that risk events are increasing in frequency and cost.  For instance, Hurricane Harvey impacted the States of Texas, Louisiana, Mississippi, Tennessee and Kentucky.  It flooded 19 water systems, 31 waste water systems and 13 super fund sites spreading toxic waste throughout the region.  It cost Texas $125 billion dollars. (1)   [Read more…]

Risk Management: Blame Allocation, Biased Opinion, or Objective Reality

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

“I told you so…” is so often cried after something has gone wrong.  But was that ‘telling‘ stated clearly and unequivocally before things went wrong or was it merely a passing counterview against a probable likelihood based on an alternative possibility.

When a risk manifests itself and takes a grip on a project it’s amazing how quickly hindsight can kick in.  This comes in the form of free advice as to what could have happened to avoid the risk ‘after the fact’. These latter-day soothsayers were, for some reason or other, unprepared to prove their prophetic ability before the fact preferring, it would seem, to go with the flow as an uninvolved observer but officious bystander when all facts are revealed. [Read more…]

Focusing on the ‘Enterprise’ in Enterprise Risk Management

Guest Post by Robert Pojasek (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Why does COSO ERM:2017[i] use the word “enterprise” in the title of their standard and ISO 31000:2018[ii] is a “risk management standard?”  CERM Academy also has a book on this topic[iii]. So, what does the concept of an “enterprise” impart to an organization, if anything, to set apart the COSO standard from the ISO standard?

A search of the definition for enterprise covers the entire gamut of possible uses. There appears to be little difference between business enterprise and the business itself. [Read more…]