In our previous posts in this series, we introduced Enterprise Risk Management (ERM) as a “portfolio view” of risk and discussed various aspects of implementing ERM: roles, culture, a framework and preparing your organization. Now, we’ll begin looking at the “big picture” viewpoint of risk, starting with identifying and prioritizing risks. In the ERM process, management (1) determines acceptable levels of risk, (2) identifies and measures risks throughout the entire organization and aggregates the results, and (3) determines if the aggregated results exceed the acceptable levels. Risk Appetite and Risk Tolerance are the expressions of the “acceptable levels” of risk.
Topics: Enterprise Risk Management (ERM), Risk Appetite, Risk Capacity, Risk management, Risk Management Blog, Risk Tolerance
In our previous blog posts, we introduced Enterprise Risk Management (ERM) as a strategic discipline that affords a "portfolio" view of risk and we outlined how to establish roles and a context for ERM implementation.
Topics: Enterprise Risk Management (ERM), ERM Framework, Risk Appetite, Risk Management Blog, Risk Register, Risk Tolerance
The holiday season usually means new tech gadgets for everyone to tap, swipe, click, and download. Most people who unwrap a new iPhone, MacBook, Smartwatch, Fitbit, or game console probably aren’t considering the ramifications of connecting those devices to the Internet and setting up new user accounts filled with their personal information. Unfortunately, we live in a time where we have to, or at the very least, should.
Topics: Change Password Often, Cyber Breach, Cyber Security, Personal Cyber Risk, Risk Management Blog, Risk Tolerance, Total Cost of Risk (TCoR), hacking