The Keys to Managing Risk

Risk cannot be avoided or eliminated entirely.  In fact, no organization can grow without taking some level of risk.  The keys to successful risk management at a basic level include:

• Calculating the organization’s acceptable appetite for risk.
• Making choices and tradeoffs based on the magnitude, frequency, and types of risk the organization is likely to encounter.
• Understanding and accounting for different types of risk:
• Hazard risk – insurable natural hazards and accidents.
• Operational risk – regulatory and contractual compliance, succession planning, human resources, fundamental systems and processes.
• Strategic risk – adjusting to changes in the marketplace, customer priorities, politics, regulations, etc. 
• Establishing and enforcing policies and integrated compliance mechanisms.

Governance, Risk & Compliance

As companies invest more in sophisticated Enterprise Risk Management (ERM) processes, the focus of corporate compliance and risk management executives today has shifted beyond legal and financial compliance, such as SOX, PCI-DSS, and software licensing. The emerging trend is the integration and alignment of Governance, Risk Management and Compliance (GRC), with an emphasis on enhancing business value by improving operational decision making and enterprise-wide strategic planning.

Strategic Alignment & New Challenges

Whatever the acronym, the objective is universal: the alignment of strategy, policy, processes, IT and people to minimize risk, improve efficiency and enhance productivity throughout the enterprise. Senior managers will need to spend more time on strategic risk mitigation, and a new generation of compliance and risk management experts will need deeper business knowledge, strong quantitative skills, interdisciplinary qualitative judgment and communication prowess.