View in browser | Unsubscribe

The best way to manage risk is to plan for it and possibly avoid problems in the first place. In our organizations, managing risk requires forethought and knowledge of our operations in order to plan to avoid or mitigate risk. A disruption that doesn't happen needs no response. A potential disaster can be mitigated or avoided if we plan for it. This week our articles look at various aspects of risk and risk management.

Risk intelligence in these uncertain times calls for thinking above and beyond traditional business continuity planning. (Item #1) What's your risk appetite threshold? (Item #2) The failure to connect the dots in the company's risk management plans can be both costly and disastrous. (Item #3)

Are you prepared for the top 10 business risks of 2009? (Item #4) Read about some of the mistakes risk managers make. (Item #5) This guide recommends ways in which boards, senior management, and internal auditors can fight fraud in their organization. (Item #6)

As always, we look forward to hearing about your concerns with regards to business continuity. If you have a topic you'd like to see covered, please email me at [email protected]

Best Regards,

Bob Mellinger
President
Attainium Corp

Quote of the Week

"When everyone feels that risks are at their minimum,
over-confidence can take over and elementary precautions start to get watered down."

- Ian Macfarlane -

Articles

1. Enterprise Risk Management in Uncertain Times
No company is immune to potentially disruptive or catastrophic events. So what separates the business that is quick to recover from the business that is slow-or even unable-to get back on track? Prevention, detection, and prudent response.
http://www.irmi.com/Expert/Articles/2007/Deloitte10.aspx

2. Determining Risk Appetite
Risk appetite, at the organizational level, is the amount of risk exposure, or potential adverse impact from an event, that the organization is willing to accept/retain. Once the risk appetite threshold has been breached, risk management treatments and business controls are implemented to bring the exposure level back within the accepted range.
http://www.continuitycentral.com/feature0170.htm

3. Connecting the Dots
Businesses currently look at risk in a variety of ways: Sarbanes-Oxley (SOX) mandates financial controls, enterprise risk management (ERM) gauges company-wide risks, internal audit oversees financial and operational controls, and the emerging field of governance, risk and compliance (GRC) tries to converge all those elements. Unfortunately, in many instances, the right hand may not know what the left hand is doing.
http://www.rmmagazine.com/MGTemplate.cfm?Section=RMMagazine&NavMenuID=128 &template=/Magazine/DisplayMagazines.cfm&IssueID=327&AID=3748&Volume=55&ShowArticle=1

4. The 2009 Ernst & Young Business Risk Report
2008 proved to be a challenging year for business across the board, with many new business facing a risk never seen before - recession risk. Ernst & Young has released their 2009 business risk report, highlighting repeat categories from 2008 such as reputation risk and managing talent. Along with the risk of deepening recession, another newcomer to the list is business model redundancy.
http://www.ey.com/Global/assets.nsf/Ukraine_E/Strategic_Business_Risk_2009_EN/$file/Strategic_Business_Risk_2009_EN.pdf

5. Top 10 Risk Managers' Mistakes
Gambling on risk--by assuming a catastrophe won't strike their company--is the most grievous mistake risk managers can make, according to a list developed by independent risk management services provider Business Risk Management Solutions.
http://www.riskandinsurance.com/story.jsp?storyId=62946910&query=business%20risk

6. Fraud Risk Management
This report concentrates on five key principles to address governance, risk assessment, fraud prevention and detection, investigation and corrective action. Twenty fraud experts spent two years compiling information for the study.
http://www.aicpa.org/download/news/2008/Managing_the_Business_Risk_of_Fraud.pdf