Protecht.ERM Showcase: Manage the full lifecycle of risk management in one system
Register Now

How do we make decisions based on risk reward when the risk information is out of date? Traditional point-in-time reporting in risk management can result in an artificial view of how your organisation is doing. In this video, David Tattam talks about what you can include in a Risk in Motion report to create a dynamic risk profile of your organisation.

Static Risk Management_subtitles

Video Transcription:

In a life prior to risk management, I was an accountant, a chartered accountant. And I guess all the time I was doing that it was of great interest to understand the measurement and the performance of an organisation.

The issue I always had was that the measurement we were doing was at a point-in-time, the period end balance sheet, the period end profit and loss account. And it seemed to give in many ways a slightly artificial view of how the organisation was really performing because it was a point-in-time.

I then moved into risk management, which was more interesting in the sense that it was more forward looking. But then I came across a similar problem, the period end view of risk. We have the risk register, which we report through a risk assessment now and again, and that gives us a snapshot of our risks related controls, the level of risk at a certain point-in-time. Sometimes those risk assessments might only be done maybe even annually, sometimes semi-annually, may be exceptionally quarterly.

Now three months, six months, 12 months is a very long time between snapshots in risk, so how do we make decisions based on risk reward when the risk information is really out of date?

I guess put very simply, badly.

Making your risk more dynamic

So how do we make risk more dynamic? The issue is really that risk is in motion, all the time it is dynamic, it's forever changing.

Unless we can furnish that outdated view to decision makers and management, it's very hard for them to make quality decisions, and also to have up to date assurance that our risk is being appropriately managed. So this takes then to moving forward thinking about a more dynamic risk profile.

How do we get that? Well, the key, we believe, is to bring all the information that you have around a particular risk together in one snapshot.

Now, what information do we have coming out of a typical enterprise risk management framework system?

We have the traditional risk assessment, the once a year, once a period view, it does help us in some
manners, but static. That can be supplemented by incidents - what incidents that we had around that risk recently, also incidents that have occurred with external parties, external data.

What about controls assurance? Updating the level of effectiveness of our controls over that risk any point in time?

What about indicators? Tracking key risk indicators, key control indicators around that risk to give a more up to date view.

What about attestations? Where we might have people attesting to their external internal compliance requirements, particularly compliance around a particular risk that we might have?

And finally, what about issues and actions? Any issues outstanding for that risk, any actions on controls treatment methods that we haven't yet implemented. If we could bring that all together and use the most recent data we have on each of those and then paint a picture that is now an updated dynamic risk profile,
this would get away from this problem with static information.

Now at Protecht, we refer to this principle as Risk in Motion, reflecting that risk is constantly moving and it is dynamic and Risk in Motion is trying to give the updated real time profile view of risk.

If you'd like to know more, please please visit our website. Please feel free to join up with me on LinkedIn.

So see you later. And until next time, take care.


Related Articles

feature image
Compliance Management, Protecht News & Events, Risk Management, Risk Reporting, Videos, Compliance Professionals

Modern Slavery - Being Prepared

Do you know what the Modern Slavery Act is and how it will impact your business? We had the opportunity to have Associate Professor Justine Nolan...
Read more
feature image
ERM, Risk Controls, Risk Manager, Risk Management Software, Videos, Webinars

Controls Assurance Webinar

Awesome Controls Assurance: The Confidence to Go Faster This event was done live on Oct.22nd 2019. Access the recording here. “The greatest potential...
Read more
feature image
ERM, Risk Assessment, Risk Management Software, Videos, Risk Management Framework, Webinars

Protecht.ERM System Demo APAC -Recording

Enterprise Risk Management = Integrated Risk Management in Protecht.ERM This event was done live on 10 September 2019. Access the recording here. In...
Read more