The Active Risk Blog


We’ve been working with the folks at GRC20/20, and in particular, with Michael Rasmussen, the father of the term GRC which he created when he was the Lead Research Fellow at Forrester in 2003.   Together we’ve produced a paper about providing 360˚ contextual awareness of risk. Michael’s industry research has shown that in many organisations, it is the case that risk management still takes place in silos. Distributed business units maintain their own risk data, spreadsheets, analytics, modelling, frameworks and assumptions. And while organizations are keen to improve risk management, this standalone approach for each area poses a major challenge.   When an organization runs risk in a piecemeal fashion with information held in silos, there is little collaboration, and therefore no opportunity to build intelligence as individual risks intersect and compound. This approach makes it all but impossible to ...  



23 June was not just the day that UK citizens voted on the EU Referendum, it was also the day that our series of Global Conferences went to London.   This was the largest of our conferences to date, and we were delighted to welcome record numbers of attendees, despite traffic chaos caused by heavy rain.   Our two keynote speakers, Sir Ranulph Fiennes, the renowned adventurer and polar explorer and Michael White, Assistant Editor of the Guardian and broadcaster were both were extremely entertaining. Ran told numerous anecdotes of hair-raising near-disaster in polar expeditions, with plenty of grizzly photos. He also talked about his earlier military career, and about reducing risk in warfare – particularly reducing the number of deaths of soldiers. His final comment was that nature isn’t out to get you, but in business, your competitors ...  



  The other day I came across an EY white paper called Turning Risk into Results that I first read a couple of years ago. What struck me is just how on the button the paper was, and we are certainly seeing many of the trends discussed reflected in our own customer base currently.   The paper is all about how leading companies use risk management to improve business performance. The original research was based on a global, quantitative survey (with 576 interviews and a review of over 2,750 analyst and company reports), that assessed the level of risk maturity and its relationship with financial performance.   It highlights some stark contrasts between the top performing companies (in terms of risk maturity) and those at the bottom. For example, companies in the top 20% of risk maturity generated three times the level ...  



Guest blog - Paul Leach – Principal of Commercial & Risk, JukesTodd.   In our business we provide professional services to improve outcomes and business performance for organizations in the mining, infrastructure and energy sectors.   We identified early on when working with our clients that good risk management practice is essential to the successful delivery of all projects including achievement of agreed budgets and timescales. In fact, risk management has always been fundamental to our services approach.   While skilled at identifying risk and opportunities, we recognized that we needed a disciplined approach to help us better manage and drive value from the risk management process – a system that would benefit both us and our clients.   For us Active Risk Manager is that system – it helps us to keep track of project risks, and holds us to account for delivery of effective risk ...  



Don't count on it   I was reading an interesting blog post the other day that stated that Risk Management is something organizations do, not something they buy. This struck a chord with me.   I found myself thinking about the pros and cons of this viewpoint. While simply buying a tool to manage risk clearly isn't going to do the job on its own, these days, you can't manage risk across a complex enterprise, or even a project, without some form of specialist technology.   When we boil it right down, organizations are made up of people who do their jobs to the best of their abilities. However, while you are a risk professional, most of the other people in your organization probably aren't.   As we all know, getting the risk management process to work across the company might work on paper, but is often hard ...