NEED EXTRA HELP?
Do you need extra expertise on an ad-hoc basis to assist with unexpected challenges and problems?
OPERATIONAL RESILIENCE HEALTH CHECK
When did you last check that your operational resilience processes are fit for purpose?
INSIGHT BLOG
Risk management beyond compliance
Risk management beyond compliance: how to create a more resilient organisation that can better respond to difficulties.
Extract from QFinance – Bill Sharon:
Over the past decade the line between risk management and compliance has been blurred to the point where, in many organizations, it is impossible to determine if they are not one and the same. In part, this confusion between the two functions was initiated and then exacerbated by the passage of the Sarbanes–Oxley Act of 2002 and the implementation of Basel II. Both of these events consumed a great deal of resources, and many consulting firms labeled these efforts “risk management.” They are, in fact, compliance requirements designed to protect stakeholders and, in the latter case, ensure the viability of the financial system. They are not designed for, and nor can their implementation achieve, the management of risk in individual companies or financial institutions.
This confusion between compliance and risk management has led to a defensive posture in dealing with the uncertainties of the competitive business environment. Risk has been confined to the analysis of what could go wrong rather than what needs to go right. Risk management organizations have become the arbiters of what constitutes risk and have assumed an adversarial relationship with business managers, particularly in capital allocation exercises. Failures and scandals are met with calls for more regulation, the implementation of regulations becomes the province of risk management organizations, and the execution of strategy (arguably the area in most need of risk management) becomes further separated from any kind of disciplined analysis.
More … http://www.qfinance.com/operations-management-best-practice/risk-management-beyond-compliance?
Sep 10 2012
ComplianceCategory
- Business Continuity & Pandemic Planning (9)
- Business Transformation (102)
- Change Management (33)
- Compliance (24)
- Conduct Risk (8)
- GDPR (5)
- Governance (4)
- GRC (22)
- IRM GRC Special Interest Group (11)
- Mergers & Acquisitions (M&A) (13)
- News (3)
- Non-Executive Management (NEM) (1)
- Portfolio Management (8)
- Programme & Project Management (9)
- Risk Management (63)
- Solvency II (9)
- Strategy Implementation (34)
- Twitter (2)
- Uncategorized (2)