The Active Risk Blog


While working on a presentation for a Mining sector conference recently, it struck me just how important risk management is for ensuring that strategic plans become reality. Not just risk management per se, but fully integrated risk, where pretty much everyone in the organization is involved.   Here's why. Often risk management responsibilities are allocated to a relatively small group of individuals with specific functions like safety, environmental management, operations, finance and strategic planning. This tends to lead to a siloed risk management structure where risks are managed independently with limited communication with other domains. Many risks remain invisible to other parts of the organization because they're expected to be handled as a part of the daily responsibilities within a specific domain area, even though they have broader impacts. An enterprise-wide approach to risk consolidates risks from all domains into a common ...  



ARM demonstrates global reach citing customers from Europe, Middle East, Australasia and North America   Maidenhead, UK. 6 September 2016 – Sword Active Risk has been selected for the shortlist for the Risk Management, Product of the Year award. The award entry includes examples of how ARM is used by a diverse range of clients including: Bruce Power, where ARM manages risk and opportunity across all of its capital projects at two power generating stations in Canada Ameren Transmission (Illinois, USA), where they have a strong risk management culture. ARM is used to identify and mitigate risk for all projects across all regions, and includes project approval and contingency budgeting. Downer’s Rail division where they developed the first Australian ‘live’ risk register to operate across disciplines, both enterprise-wide and national. ARM supports Downer’s award-winning framework for safety, health, environment and quality (SHREQ). TSB, UK-based challenger bank, ...  



Risk Chart 1

‘Black Swan’ is a recognized theory within risk management, originally developed by Nassim Nicholas Taleb. For those of you that have ever wondered, the term ‘Black Swan’ originates from the belief that all swans are white because these were the only ones accounted for. However, when black swans were discovered during the 17th century in Australia, this unexpected event in scientific history profoundly changed zoology. After the black swan was discovered it seemed obvious that black swans had to exist just as other animals with varying colors were known to exist. Taleb made his financial trading reputation out of targeting the impact of highly improbably events.   The importance of the metaphor is that it describes an event that is highly unlikely to materialize but if it did, would have a substantial impact. In traditional enterprise risk methodologies the assessment of this ...  



Risk Management

On July 15th 2016 the Office of Management and Budget, an Executive Office for the President, released a major revision to OMB A-123. Now entitled ‘Management’s Responsibility for Enterprise Risk Management and Internal Control’ the new version underlines the importance of the relationship between Internal Controls and Enterprise Risk Management (ERM). This is the next step following the introduction of ‘risk based thinking’ in ISO9001:2015.   To our minds, we are seeing a natural progression as organizations worldwide look to improve performance by operating at higher levels of risk maturity which integrate ERM, Internal Controls, and Governance in a closed-loop process.  

  In OMB A-123, the administration emphasizes the importance of having appropriate risk management processes and systems in place to identify challenges early, to bring them to the attention of agency leadership and to develop solutions.   It also states that implementation of this policy ...  



We’ve been working with the folks at GRC20/20, and in particular, with Michael Rasmussen, the father of the term GRC which he created when he was the Lead Research Fellow at Forrester in 2003.   Together we’ve produced a paper about providing 360˚ contextual awareness of risk. Michael’s industry research has shown that in many organisations, it is the case that risk management still takes place in silos. Distributed business units maintain their own risk data, spreadsheets, analytics, modelling, frameworks and assumptions. And while organizations are keen to improve risk management, this standalone approach for each area poses a major challenge.   When an organization runs risk in a piecemeal fashion with information held in silos, there is little collaboration, and therefore no opportunity to build intelligence as individual risks intersect and compound. This approach makes it all but impossible to ...