Back in February I started a blog post about the need for risk management to get simpler, in order to be more valuable. I stated that at it’s core enterprise risk management is about answering three critical questions:
1. What are the risks that could impact my goals and objectives?
2. What are we doing about those risks?
3. Is what we are doing effective?