Risk Management: Newsletter - Jan 2023
Risk Management
Making decisions concerning risks and their subsequent implementation and flows from risk estimation and risk evaluation
Of the 493 posts published to the? Risk Management ?showcase page during January 2023, which generated 320,462 views, 92,514 clicks and 3,121 likes, here are the top 12, based on volume.?Tony Ridley, MSc CSyP MSyI
Apologies for all the orange; it seems to be a popular colour this month ??
Risk Models, Formulas and Frameworks: Human Factors
"One reason for the survival of such simplistic and contradictory positions is political convenience. Some people want the lay public to participate actively in hazard management decisions, and need to be able to describe the public as competent; others need an incompetent public to legitimate an expert elite. A second reason is theoretical convenience. It is hard to build models of people who are sometimes wise and sometimes foolish, sometimes risk seeking and sometimes risk averse. A third reason is that one can so effortlessly speculate about human nature and even produce a bit of supporting anecdotal information. Indeed, good social theory maybe so rare because poor social theory is so easy."
Fischhoff, B., Slovic, P., & Lichtenstein, S. (1981). Lay foibles and expert fables in judgements about risk.?Progress in resource management and environmental planning,?3, 161-202.
"The Biggest Global?#Risks?of 2023: The profile of risks facing the world is evolving constantly. Events like last year’s invasion of Ukraine can send shockwaves through the system, radically shifting perceptions of what the biggest risks facing humanity are.
Today’s graphic summarizes findings from the?Global Risks Report, an annual publication produced by the World Economic Forum (WEF). It provides an overview of the most pressing global risks that the world is facing, as identified by experts and decision-makers.
These risks are grouped into five general categories: economic, environmental, geopolitical, societal, and technological."
From the same experienced, reliable and qualified source the produces this newsletter, with tens of thousands of followers and millions of content views over the past year.?https://www.patreon.com/riskmanagement
"Stating?#risks: causes, events and consequences. In stating risks, care should be taken to avoid stating consequences that may arise as being the risks themselves, i.e. identifying the symptoms without their cause(s). Equally, care should be taken to avoid defining risks with statements that are simply the converse of the objectives, i.e. failure to achieve the intended output/outcome.
Organisations typically assess consequences using a combination of criteria, which commonly include financial, reputational, legal, regulatory, safety, security, environmental, employee, customer and operational effects. The criteria used should be dynamic and should be periodically reviewed and amended, as necessary. Scales should allow meaningful differentiation for ranking and prioritisation purposes based on assigning values to each risk using the defined criteria.
When assigning a consequence rating to a risk, the rating for the highest, most credible worst-case scenario should be assigned. "
"'Cyber incidents have been increasing in frequency and cost in recent years, with some resulting in hundreds of millions of dollars in losses. There is marked variability from study to study in the estimated direct and systemic costs of cyber incidents, which is further complicated by the considerable variation in?#cyberrisk?across countries and industry sectors. In many cases, comparing research studies is complicated by a lack of transparency in methodologies, assumptions, and data sets used. The goal of this research was to produce a transparent methodology for estimating present and future global costs of cyber risk, acknowledging the considerable uncertainty in the frequencies and costs of cyber incidents. "
"In successful organisations,?#riskmanagement?enhances strategic planning and prioritisation, assists in achieving objectives and strengthens the ability to be agile to respond to the challenges faced. If we are serious about meeting objectives successfully, improving service delivery and achieving value for money, risk management must be an essential and integral part of planning and decision-making. While?#risk?practices have improved over time across government, the volatility, complexity and ambiguity of our operating environment has increased, as have demands for greater transparency and accountability for managing the impact of risks. This updated guidance builds on the previous Orange Book to help improve risk management further and to embed this as a routine part of how we operate.?"
Evidence- Based Practice(s) in Risk Management
"“Evidence-Based”: 1) Denoting an approach to medicine, education, and other disciplines that emphasizes the practical application of the findings of the best available current research. 2) A systematic process where-by decisions are made, and actions or activities are undertaken using the best evidence available. The aim of evidence-based practice is to mitigate subjective opinion, unfounded beliefs, and bias from decisions and actions in organizations.?"?Karim Vellani, CPP, CSC?IAPSC
"#Riskmanagement?has perhaps never been more important than it is now. The risks modern organizations face have grown more complex, fueled by the rapid pace of globalization. New risks are constantly emerging, often related to and generated by the now-pervasive use of digital technology. Climate change has been dubbed a "threat multiplier" by risk experts.
A recent external risk that manifested itself as a supply chain issue at many companies -- the coronavirus pandemic -- quickly evolved into an existential threat, affecting the health and safety of their employees, the means of doing business, the ability to interact with customers and corporate reputations.
Businesses made rapid adjustments to the threats posed by the pandemic. But, going forward they are grappling with novel risks, including how or whether to bring employees back to the office and wha
"Whilst there is wide-ranging guidance on the development of?#riskappetite?statements, much of it is focused on the financial services sector. Clear and helpful risk appetite statements are more easily developed in organisations which can apply consistent units of measure to inputs and outcomes and can look at aggregated portfolio risks in these units, such as £x ($x). Just as there are different approaches taken to the development of risk appetite statements in the private sector, development in the public sector requires a considered approach to reflect that public services realise value to diverse timeframes and utilise varied units of measure to assess public value in their outcomes."
Your view is NEVER the whole picture. That is, the perspective, data, information, analysis, view, awareness and/or perception of any given threat, hazard, peril, danger or matter(s) labelled '#risk' is never the whole story, complete picture or wholesale, objective view of the world, events or issues. Moreover, your view, let alone perception and perspective, is highly unlikely identical to those around you. Even if they are standing right next to you. Even if you have the courage, means, expertise or opportunity to speak up or communicate your own view(s), particularly if you are consuming information, content, data or news through a chosen, available, specific or paid 'lens'.
As obvious as this may seem, it needs frequent repeating, primarily when representing, evaluating or communicating 'risk' in any and all forms. Because perceptions, tolerance and prioritisation of risks are socially constructed and value, judgement laden, lacking universal constructs or shared ideology. Risk is, therefore, NOT simply a matter of probability and impact or similar reductionist, naive empiricism/scaling or deterministic construct(s). As a result, no matter your elevation, lofty titles or views, one will never see the complete or whole picture. Even this graphic is but a window of a broader narrative and existence, especially when it comes to issues such as politics, sociology, criminology, safety and security.
领英推荐
"As 2023 begins, the world is facing a set of?#risks?that feel both wholly new and eerily familiar. We have seen a return of “older” risks – inflation, cost-of-living crises, trade wars, capital outflows from emerging markets, widespread social unrest, geopolitical confrontation and the spectre of nuclear warfare – which few of this generation’s business leaders and public policy-makers have experienced. These are being amplified by comparatively new developments in the global risks landscape, including unsustainable levels of debt, a new era of low growth, low global investment and de-globalization, a decline in human development after decades of progress, rapid and unconstrained development of dual-use (civilian and military) technologies, and the growing pressure of climate change impacts and ambitions in an ever- shrinking window for transition to a 1.5°C world. Together, these are converging to shape a unique, uncertain and turbulent decade to come.?"
The Evolving Risks Landscape, 2009 – 2019
"Risk Assessment is a systematic approach to identify hazards, evaluate risk and incorporate appropriate measures to manage and mitigate risk for any work process or activity.?"
"This Guidance has been prepared with a focus on how the Board can carry out its responsibility of risk?#governance?of the company. The Guidance is intended to provide key information on risk governance to all Board members. This includes factors which the Board should collectively consider when overseeing the?company‘s?risk management framework and policies. The Guidance also spells out the Board‘s and Management‘s respective?responsibilities?in managing the company‘s risks.?In particular, the Council hopes that the Guidance will assist the Board, as well as Management, of small to mid-capitalised listed companies in the risk governance of their companies."
"In successful organisations?#riskmanagement?enhances strategic planning and prioritisation, improves service delivery, assists in achieving objectives and strengthens the ability to be agile to respond to the challenges faced. This can only be achieved through the effective understanding and application of risk management frameworks, standards, tools and techniques, supported through relevant training and qualifications for key stakeholders. This must be accompanied by engaged senior leaders, effective communication and a clear understanding of the organisation, its culture and its operating environment to inspire confidence across all levels.?"
"Risk Management Categories: strategy, governance, operations, legal, property, financial, commercial, people, technology, information, security, project/programme & reputational"
"This guidance outlines principles and key considerations for organisations to apply when designing and developing? #risk?reports. The principles detailed in this guide are based on best practice developed and refined within the Civil Service risk management community. It is intended for both risk professionals and senior leaders responsible for managing risks and prioritising resource allocation.?This guidance is tailored to support the effective reporting of principal and emerging risks in an?#enterpriseriskmanagement?context.?"
"The Risk Management Assessment Framework (RMAF) is a tool for assessing the standard of?#riskmanagement?in an organisation. It is offered as an optional tool to help collect and assess evidence.?It is intended that it can be used flexibly to replace or augment existing evaluation arrangements as appropriate. The top-level framework and the seven key questions can be used with or without the supporting question sets and/or the quantified ‘levels’ scale. The Framework can also be used centrally or devolved for self-assessment by business units or used cooperatively with partner organisations. Where business units deliver a discrete activity or where agencies are responsible for their own compliance, then self-assessment using the Framework should be useful to all parties in evaluating?#risk?management performance and areas for improvement.?"
Founded and directed by?Tony Ridley, MSc CSyP MSyI, Risk Management is the culmination of decades of research, advanced analytics in risk sciences and extensive international, professional risk management experience for governments, corporates, and commercial service providers.
?Membership will give you monthly access to the world's largest, curated risk management body of knowledge. Providing bulk access to thousands of resources, ongoing articles, educational videos and expert webinars, choose a level of membership and access best suited to your needs, experience and budget. We offer considerable value at all levels.?
"#Businesscontinuity?is the key discipline that sits at the heart of building and improving the?#resilience?of organizations. It is a tried and tested methodology that an organization should adopt as part of its overall approach to managing risks and threats. Business continuity management identifies an organization’s priorities and prepares solutions to address disruptive threats. This understanding supports the design and implementation of plans to protect and continue the value creating operations of an organization in the event of any disruption. An effective business continuity programme supports the strategic objectives of the organization and proactively builds the capability to continue business operations in the event of disruption. The programme includes the identification of?#risks?and threats, the creation of response structures and plans to address incidents and crises, and promotes validation and continuous improvement. The programme is flexible to changes in the internal and external operating environment and delivers measurable value to the organization.
Business continuity is relevant and applicable to all industry sectors and organizations regardless of size, complexity, type, and location."
Don't forget, for more members only, exclusive content, got to:
or via this link https://www.patreon.com/riskmanagement
Risk, Resilience, Safety, Security & Management Sciences
Realtor Associate @ Next Trend Realty LLC | HAR REALTOR, IRS Tax Preparer
2 年Thanks for the updates on, Risk Management Newsletter ??.