This time it isn’t different

sometimes things are ok

Two major events are going to happen in the US within the next five years. One is a replay of the US subprime mortgage collapse which spawned the 2008 financial crisis. The other will occur when the bubble of college debt bursts. Both events - one of which may well trigger the other - will cause massive …

If it looks like a duck (or a snake)….

“The first rule of snakes [problems] is, if you see a snake, you kill it….Just take care of it” Jim Barksdale, former CEO Netscape

It’s rare for an event to be truly unexpected. We know that our personal habits affect our health. We know that incorrect use of tools and machinery can cause injury. We …

DCDR is live (and free)

Launch day! For about 15 months now, I have been working on a project to build a better piece of risk management software. This is something I have been thinking about since 2002 and I think now, more than ever, we need - and deserve - a better piece of software for risk management. (Read …

ISO 31000 – a review of the 2018 standard

Yawn! Aside from GDPR-inspired emails with news of updated terms and conditions, this will be the most boring thing you will read all week.... However, it might be one of the more important if you are a risk manager because one of the core risk management references has just been updated and there are …

Meet the expert – a conversation with Nick Smart

Risks don't just arise from operational incidents. Often the conduct of the organization and its senior leaders results in a type of risk that is very different but just as threatening as a large, physical event. In this conversation with Nick Smart we explore the intersection of risk, ethics and governance. Nick is an independent …

10 quick thoughts on risk

I'm trying to improve my videos, so I apologize for the quality, but here's a quick video with 10 quick thoughts on risk management. Let me know what you think!

A KISS Approach to Enterprise Security Risk Management

Enterprise security risk management (ESRM) has been a topic of increasing interest for security managers over the past few years, and ASIS International has identified it as a strategic focus. But a review of the literature, beginning with the 2010 CSO roundtable paper on ESRM, raises two issues that could make ESRM implementation difficult. First, …

Integrating a Risk Management System into Your Organization

Integrating a risk management system into your department or organization will be a major endeavor and while there are significant benefits to making this change, the degree of effort required should not be underestimated. Moreover, the overall workload of the organization and other major initiatives that might also be underway are major considerations when planning …

WDYMB…Address Risks?

Once an organization’s risks are understood, it is important that appropriate action is taken to address these risks to ensure that the organization's objectives are protected or enhanced. Some risks are severe enough to require immediate action. Others can be dealt with in the short term whereas some risks require longer-term attention over months or …

WDYMB…Risk Perception and Risk Communication?

Complicated, subtle factors affect how we perceive risk and these can be exacerbated by the way we receive risk information. We refer to the ways we think about and react to risks as risk perception, and the processes for discussing risk as risk communication. Even when people are in the same or very similar situations, they …