Entering a New Market Gone Wrong

Guest Post by John Ayers (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

This risk story includes risk at the enterprise level, the program/project level, and the product level.  From the enterprise level risk, it was a little naïve on my company’s part to think they could go from zero not having manufactured any sonobuoys previously) to full up production the first time around without investing the time and finances to go up the learning curve prior to making the bid.  From the program/product level risk viewpoint, the baseline plan did not include sufficient component and subassembly trial builds and testing before finalizing the concept, preliminary design and final design. [Read more…]

Political Risk and Enterprise Risk Management

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Former Secretary of State Condoleezza Rice PhD.  and Amy B. Zegart PhD.  have written a book called Political Risk: How Businesses and Organizations Can Anticipate Global Insecurity.   It has received good reviews.  Having read the book, I would concur.  It is an important book for those concerned with the increasing volatility and associated risk of the global economy. This piece discusses the relationship between Political Risk and Enterprise Risk Management (ERM). [Read more…]

Ugly Communications

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Good communication; the effective and efficient issue and receipt of the right information, by the right parties, at the right time, and in the right medium allowing both timely responses and decisions.  It’s easy on paper and in theory but oftentimes the ‘noise’ in the communication channels are blamed for ‘bad’ communication. [Read more…]

Risk Modeling and Business Continuity

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Risk modeling is a useful tool for business continuity managers, but over-reliance and flawed approaches can create difficulties.  

Introduction

Fundamental uncertainties derive from our fragmentary understanding of risk and complex system dynamics and interdependencies. Abundant stochastic variation in risk parameters further exacerbates the ability to clearly assess uncertainties. [Read more…]

Supply Chain Cyber Risk Management

Cyber security risk is among the most critical risks to the supply chain:

“Cyber and data privacy breaches are perceived to be the largest threat to the stability of transport and logistics, with the sector facing potential breaches of $2 trillion by 2019.”[i]

The reality of a cyber-crime is not if, but when, and how damaging it will  be.  The inevitability of a cyber-attack has forced end-product manufacturers to reassess every element of the end-product manufacturer from product design, outsourcing, and servicing the product. [Read more…]

Lessons Learned: Seldom Remembered: Soon Forgotten

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Something on the Project goes wrong and is fixed – “Let’s put this down for lessons learned” goes the management mantra.  But was this experience just a failing that should not have happened in the first place and relearning a previously taught, but now forgotten, ‘lesson’?

If we don’t learn then the same mistakes will be made and possible opportunities will be missed and, as Edmund Burke the 18th Century Irish Statesman said, “Those who don’t know history are destined to repeat it“.  But why do we forget our lessons?  Abe Lincoln said “Lessons not learned in blood are soon forgotten” reflecting that loss in some form such as money, property, or reputation, not necessarily blood, is needed to ensure that memory is ingrained and can be recalled.

Lessons that are remembered after the fact tend to add insult to injury; when you’re up to your neck in alligators you then remember that distant lesson about draining the swamp! [Read more…]

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

City Risk Index and ERM

Recently, Lloyd’s of London in conjunction with the University of Cambridge Center for Risk Studies, published the results of their global risk analysis.  Lloyd’s document is entitled “Lloyd’s City Risk Index: Executive Summary”.  Cambridge has entitled theirs “Cambridge Global Risk Outlook 2017”.   This is their second risk assessment.  The first was published in 2004.

The index is a ten-year projection based on twenty-two threats to 300 hundred of the world’s leading cities.  The 300 cities account for half of the world’s Gross Domestic Product (GDP).  This piece discusses the results of the study and its implication for the application of Enterprise Risk Management (ERM). [Read more…]

What Happened to General Electric?

General Electric (GE) for many years was the go-to company for competitiveness, efficiency, and innovation. General Electric’s  tagline was ‘Imagination at work.’

GE more recently has had a number of troubles.  GE’s profitability tanked. GE is selling many of its assets and divisions. GE was also taken off the Dow after 110 years. [Read more…]

Taking on Unnecessary Project Risk

Guest Post by John Ayers (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

This story is about risk at the enterprise program/project level.  It is an example of centering your design around a high-tech solution to a problem when a low risk proven technology would have more than sufficed.   Technical expertise ego got in the way of a practical low-cost approach resulting in unplanned schedule and cost growth. [Read more…]

Using IOT Intelligent Things to Monitor Risk in Real-time

Although in ISO 31000 monitoring risk is another of its key tenets, I again see little monitoring in most risk management systems. Periodic review, dashboards, heat maps, and KRI reports are all Review (a different ISO 31000 tenet) not monitoring. IoT technology can deliver real-time monitoring of risk for more than just physical environmental metrics.

To monitor means to supervise and continually check and critically observe. It means to determine the current status and to assess whether or not the required or expected performance levels are actually being achieved. [Read more…]

Risk and the Limitations of Knowledge

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Awareness of risk can lead to unforeseen risk behaviors based on knowledge that is sufficiently convincing to lead to false positives.

“The more you know, the more you know you don’t know.”

― attributed to Aristotle

[Read more…]

Using Big Data to Identify Trends and Evolving Risks

Guest Post by Greg Caroll (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Probably one of the most recognized but least understood disruptive technologies for Risk Management in the 2020’s is Big Data. [Read more…]

The Future of Enterprise Risk Management in the 2020’s

Guest Post by Greg Caroll (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The 2009 release of ISO 31000 was the first step across the threshold into 21^st century risk management. Unfortunately the industry that has developed around it has firmly grabbed the doorway and won’t let go.  Although the latest revisions make references to decision making and integration into functional purpose, it totally misses the point of risk management, which is to assist navigating a complex world. [Read more…]

Good Communication — Illusional, Accidental, or Premeditated

Guest Post by Malcolm Peart (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Firstly, what is ‘good communication’?  Many people have views, but my definition is “the effective and efficient transfer and receipt of information by the right people, at the right time, in the right medium, at the right place and in the right amount”. [Read more…]