The Active Risk Blog


By Tiffany Goddard, Sales Director, Carahsoft   The goal of the U.S. government's Enterprise Risk Management (ERM) protocols is not to completely eliminate risk, but rather to increase risk awareness and prepare for the worst case scenario. The U.S. Department of Defense defined ERM in their Defense Risk, Issue and Opportunity Management Guide. This guide aims to help organizations make decisions about the best solutions for a technology acquisition while identifying, analyzing and attempting to handle the consequences of known risks, issues and opportunities. The key areas addressed in the guide are:   Risks – Future events or conditions that may have a negative effect on achieving program objectives for cost, schedule and performance. Issues – Events or conditions that have already occurred, are occurring or are certain to occur in the future and have a ...  



So you have your process in place and your perfect Risk spreadsheet template on the company portal... why are you still spending precious time in umpteen risk review meetings, taking all the notes and amalgamating all the data, when what you really should be doing is analysing it?   For those of you that haven't yet introduced your business users to Risk Express, here's something to whet your appetite. We've picked three screens that we think really bring the application to life and most importantly could help you to wean users off spreadsheets and onto something altogether more sophisticated, that is every bit as easy to use.   Risk Assessments in seconds     Much better looking than a spreadsheet, this screen enforces standard scoring and data capture, making risk identification, assessment and task management easy for your business community.   With its built in functionality there is no ...  



As risk practitioners it is no surprise to us that risk is becoming more important to the corporate agenda. These days it is widely acknowledged that risk touches every aspect of an organization and as such, is often owned not just by risk managers, but also departmental and business heads. We have designed ARM 9 to reflect this, building in new features that support collaborative working and encourage engagement across the business.   For example, the new Document Vault allows users to store documents against activities, portfolios, risks, audits or incidents, and because it supports commonly used file types, it is accessible for all users. Plus we have included new data views that allow users to Risk Adjust at both the project and enterprise level, giving valuable business performance information to support strategic decisions.   We have also recognized that hosted software is an ...  



This headline may come as no surprise, given that the UK recently voted to leave the EU and the somewhat unexpected result of Donald Trump becoming president-elect of the USA. However, this was the view from you our customers, taken from the survey that many of you completed during our Global Conferences in summer 2016. Most of you had taken part in the survey before the EU referendum or the USA presidential election had come to pass and it just highlights how in these uncertain times you never know what is just around the corner. Both of these outcomes were unexpected, and indeed this time in 2015, although both were on the horizon, political risk wasn’t mentioned at all when we asked you about the biggest threat to your business.   In the summer of 2016, 44% of organizations in the ...  



While working on a presentation for a Mining sector conference recently, it struck me just how important risk management is for ensuring that strategic plans become reality. Not just risk management per se, but fully integrated risk, where pretty much everyone in the organization is involved.   Here's why. Often risk management responsibilities are allocated to a relatively small group of individuals with specific functions like safety, environmental management, operations, finance and strategic planning. This tends to lead to a siloed risk management structure where risks are managed independently with limited communication with other domains. Many risks remain invisible to other parts of the organization because they're expected to be handled as a part of the daily responsibilities within a specific domain area, even though they have broader impacts. An enterprise-wide approach to risk consolidates risks from all domains into a common ...