© Continuity and Resilience – Copyright 2013
Risk Management and Models
CII – Nov. 05, 2015
Introductions
About Continuity and Resilience
(CORE)
• ISO 22301 Certified Management Consulting Firm
• Business Continuity Management
• Crisis Management
• IT Disaster Recovery
• Green IT
• Risk Management
• Information Security Management
• We Consult / Train / Assess and Certify in these
domains
A person who can foresee problems / difficulties and identify proactive solutions will live happily
- Chanakya (350 – 283 BC), Author of Artha Sasthra
What is Risk?
• Risk is the potential that
something will go wrong as a
result of one or a series of
events.
To get profit without risk, experience without danger,
and reward without work, is as impossible as it is to live
without being born.
- A.P. Gouthe
Risk Definitions – the change over time
Source: Definition
• ISO/IEC Guide 51:1999: Combination of the probability of occurrence of harm and the severity of that harm
• ISO/IEC Guide 73:2002: Combination of the probability of an event and its consequence
• AS/NZS 4360:2004: Chance of something happening that will have an impact on objectives
• COSO (2004) ERM Integrated Framework: Events with a negative impact represent risks, which can prevent value creation or erode existing value. Events with positive impact may offset negative impacts or represent opportunities.
• ISO 31000:2009: Effect of uncertainty on objectives
• ISO 22301:2012: Effect of uncertainty on objectives
Harmonization of International Standards
• ISO/IEC 31000 - Risk management – Principles and
guidelines
• ISO/IEC 31010 - Risk management – Risk assessment
techniques
• ISO/IEC 27001 - Information technology – Security
techniques – Information security management systems –
Requirements
• ISO/IEC 27005 - Information technology – Security
techniques – Information security risk management systems
Universe of Risks-1
www.ey.com
Universe of Risks - 2
Natural Manmade Accidental
Internal External
Potential Sources of Risk
Lessons from Animals-1
Don’t be a pigeon!
Why are we talking
about Risk?
Today’s networks are more
exposed to threats & risks
Gartner brought up an
interesting concept: "Perimeters
and firewalls are no longer
enough; every app needs to be
self-aware and self-protecting."
The risk environment is
constantly changing.
Financially-motivated, targeted
attacks are increasing – but
most security processes and
technologies are failing to keep
up.
Exposure points
“Risk comes from
not knowing what
you’re doing”
- Warren Buffett
Well, then I
guess, we both
are in deep
trouble
About …
Risk Management
In assessing risks, technical people tend to focus on technical issues which have occurred to them, but the major risks for a product may be business-related: obstacles they don’t consider as often.
What is Risk Management?
Who uses Risk Management?
How is Risk Management used?
Risk Management Models
• Good management practice
• Process steps that enable improvement
in decision making
• A logical and systematic approach
• Identifying opportunities
• Avoiding or minimizing losses
What is Risk Management?
Risk Management is the name given
to a logical and systematic method
of identifying, analysing, treating
and monitoring the risks involved in
any activity or process.
What is Risk Management?
Risk Management is a
methodology that helps managers
make best use of their available
resources
What is Risk Management?
Coordinated activities to direct and
control an organization with
regard to risk
What is Risk Management?
Risk Management - Benefits
• Likelihood of achieving objectives is increased
• Proactive management is encouraged
• Identification of opportunities and threats is increased
• Legal and regulatory compliance is achieved
• Improvement in mandatory and voluntary reporting is achieved
• Governance is improved
• Interested parties’ confidence and trust is enhanced
• Decision making and planning is improved
• Resource allocation is effective
Risk Management - Benefits
• Operational effectiveness and efficiency is improved
• Health and safety performance is enhanced
• Environmental protection is improved
• Loss prevention and incident management is improved
• Losses are minimised
• Organisational learning is improved
• Overall improvement in organisational resilience is achieved
Risk Management practices are widely used in the public and private sectors, covering a wide range of activities or operations.
These include:
Who uses Risk Management?
• Finance and
Investment
• Insurance
• Health Care
• Public
Institutions
• Governments
• Effective Risk Management
is a recognized and valued skill.
• Educational institutions have formal study
courses and award degrees in Risk
Management.
• The Risk Management process is well
established. (International RM process
standards.)
Who uses Risk Management?
Risk Management is
now an integral part of business
planning.
Who uses Risk Management?
Risk Management - Myths
• “We can only do so much; then whatever happens,
happens.”
• “Don’t be concerned with Risk Management (RM); there
is nothing in it that applies to non-financial businesses.”
• “It’s hard to find someone who has the expertise to
address all risks across the organization. Isn’t that what
the CEO and CFO should be doing?”
• “Buying insurance manages the risk, doesn’t it?”
Risk Management - Myths
• “Risk management is only for large companies”
• “We have lots of insurance”
• “We already have a safety program”
• “We haven’t had any problems so far”
(but WE ARE ALWAYS ONE DISASTER BEHIND)
• “It’s too expensive to implement a program”
• “My company doesn’t have ethical risks.”
The Risk Management
process steps are a
generic guide for
any organisation,
regardless of the
type of business,
activity or function.
How is Risk Management used?
There are
7 steps
in the RM
process
“The first step in the
risk management
process is to
acknowledge the
reality of risk.
Denial is a common tactic
that substitutes deliberate
ignorance for thoughtful
planning.”
--Charles Tremper
The basic process steps are:
• Establish the context
• Identify the risks
• Analyse the risks
• Evaluate the risks
• Treat the risks
‘Risk’ is dynamic and subject to constant change, so the process includes continuing:
• Communication & consultation
• Monitoring and review
The Risk Management process: Establish the context
The strategic and organisational context in which risk management will take place.
For example, the nature of your business, the risks inherent in your business and your priorities.
The Risk Management process: Identify the risks
• Defining types of risk, for instance, ‘Strategic’ risks to the goals and objectives of the organisation.
• Identifying the stakeholders (i.e., who is involved or affected).
• Past events, future developments.
The Risk Management process: Analyse the risks
• How likely is the risk event to happen? (Probability and frequency?)
• What would be the impact, cost or consequences of that event occurring? (Economic, political, social?)
The Risk Management process: Evaluate the risks
Rank the risks according to management priorities, by risk category and rated by likelihood and possible cost or consequence.
Determine inherent levels of risk.
The Risk Management process: Treat the risks
Develop and implement a plan with specific counter-measures to address the identified risks.
Consider:
• Priorities (Strategic and operational)
• Resources (human, financial and technical)
• Risk acceptance (i.e., low risks)
The Risk Management process: Treat the risks
Document your risk management plan and describe the reasons behind selecting the risk and for the treatment chosen.
Record allocated responsibilities, monitoring or evaluation processes, and assumptions on residual risk.
The Risk Management process: Monitor and review
Risk Management policies and decisions must be regularly reviewed.
In identifying, prioritising and treating risks, organisations make assumptions and decisions based on situations that are subject to change (e.g., the business environment, trading patterns, or government policies).
The Risk Management process: Monitor and review
Risk Managers must monitor activities and processes to determine the accuracy of planning assumptions and the effectiveness of the measures taken to treat the risk.
Methods can include data evaluation, audit, compliance measurement.
The Risk Management process:
Establish the context
Identify the risks
Analyse the risks
Evaluate the risks
Treat the risks
“Business as usual is business at risk”
- Deloitte Old whitepaper
“The problem in my life and other people’s lives is not
the absence of knowing what to do, but the absence
of doing it”
- Peter F Drucker
Famous Quotes
“Good Risk Management fosters vigilance in times of calm
and instills discipline in times of crisis.”
--Dr. Michael Ong
• “Risk management should be an enterprise-wide exercise
and engrained in the business culture of the
organization.”
-- Julie Dickson
“If you treat risk management as a part-time job, you
might soon find yourself looking for one.”
--someone in Deloitte
4 T’s of Risk Management
• Tolerate (what is within your risk appetite)
• Treat (by investing)
• Transfer (through insurance)
• Terminate (the risk / process itself)
Heat Diagram (before and after
treatment)
• Number of risks falling in the Red and Amber should
reduce after treatment
• These should further reduce after treatment of the
residual risks
• Which must further keep reducing over a period
• While new risks may also appear
Lessons from Animals-2
Don’t be a horse!
Risk Management Maturity Model
• No established Maturity Model for Risk Management exists now;
• But one can easily be developed and adopted
“If you can't describe what you are doing as a process, you don't know what you're doing” - W. Edwards Deming
RM Maturity Model - Deloitte sample
RM Maturity Model
• Levels and Parameters defined by someone else
• Level 1: Ad hoc. Undocumented; in a state of dynamic
change; depends on individual heroics
• Level 2: Preliminary. Risk defined in different ways and
managed in silos. Process discipline is unlikely to be
rigorous.
• Level 3: Defined. A common risk assessment/response
framework is in place. Organization-wide view of risk is
provided to executive leadership. Action plans implemented
in response to high priority risks.
RM Maturity Model
• Levels and Parameters defined by someone else
• Level 4: Integrated. Risk management activities
coordinated across business areas. Common risk
management tools and processes used where appropriate,
with enterprise-wide risk monitoring, measurement and
reporting. Alternative responses analyzed with scenario
planning. Process metrics in place.
• Level 5: Optimized. Risk discussion is embedded in
strategic planning, capital allocation, and other processes
and in daily decision-making. Early warning system to notify
board and management to risks above established
thresholds.
Other RM Standards
• ISO 14971
• Medical devices – Application of risk management to medical
devices
• ISO /IEC 16085
• Systems and Software Engineering - Life cycle processes – Risk
management
• ISO 17666
• Space systems – Risk management
• ISO / IEC 27005
• Information technology – Security techniques – Information
security risk management
Other RM Standards
• AS/ NZS 4360
• Risk Management**
• COSO Enterprise Risk Management – Integrated
Framework
• NIST 800-30
• Risk Management Guide for Information Technology Systems
** Base standard for ISO 31000; is the first international standard on Risk Management
BT Risk Process & Activity Lifecycle (PDCA Model)
Deming Cycle: Plan, Do, Check, Act
1. Define
   1.1 Stakeholders
   1.2 Risk Management Executive
   1.3 Scope
2. Risk Analysis
   2.1 Risk Identification
   2.2 Identify Appetite
   2.3 Calculate Risk
   2.4 Decide Response
3. Select Control Criteria & Implement Controls
   3.1 Choose Controls
   3.2 Implement Controls
4. Audit & Testing of Controls
   4.1 Internal Testing/Auditing
   4.2 External Testing/Auditing
   4.3 Accreditation
5. Improvement Plan
   5.1 Agree
   5.2 Monitor
6. Incident Management
   6.1 Monitor
   6.2 Respond
   6.3 Record
   6.4 Categorise
Other Strategic Risks
• Recently, the following have been gaining a lot of
importance
• Sustainability Risks
• Cloud Computing Risks
Risk Management Rules
1. Don’t underestimate your risks
2. Risks don’t go away (they exist as they are)
3. Certifications don’t make you ready
4. You can’t just rely on technology
5. Be careful of professional burnout
6. Look after your (precious) data
7. Risk Management? Incident Management?
8. Manage risks from top down
9. Don’t reveal your internal documents
10. Lies, damn lies and statistics…..
A Balanced Approach - Risks need to be understood
[Diagram labels: Potential Threats to Assets; Potential Vulnerability; Reality Check; Balanced Solution; Risk Appetite; Solution for Acceptable Risk Mitigation]
[Diagram: Information Security, with Cost, Risk and Usability each on a Low to High scale]
Risk Management is the management of Trade-off
There must be a balance!
Thank You
CONTINUITY & RESILIENCE
Email: info@continuityandresilience.com
Website: www.continuityandresilience.com
http://www.coreconsulting.ae/
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis:  Simple Linear Regression Multiple Linear RegressionRegression analysis:  Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaShree Krishna Exports
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfOnline Income Engine
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A  SALESMAN / WOMANA DAY IN THE LIFE OF A  SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANIlamathiKannappan
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In  Indirapuram Ghaziabad  ✔️ 9871031762 ✔️ Escorts Service...BEST ✨ Call Girls In  Indirapuram Ghaziabad  ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...noida100girls
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insightsseri bangash
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Tina Ji
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116  - With room ServiceCall Girls in Gomti Nagar - 7388211116  - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update  Presentation SlidesKeppel Ltd. 1Q 2024 Business Update  Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 

Kürzlich hochgeladen (20)

Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis:  Simple Linear Regression Multiple Linear RegressionRegression analysis:  Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in India
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdf
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A  SALESMAN / WOMANA DAY IN THE LIFE OF A  SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In  Indirapuram Ghaziabad  ✔️ 9871031762 ✔️ Escorts Service...BEST ✨ Call Girls In  Indirapuram Ghaziabad  ✔️ 9871031762 ✔️ Escorts Service...
BEST ✨ Call Girls In Indirapuram Ghaziabad ✔️ 9871031762 ✔️ Escorts Service...
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116  - With room ServiceCall Girls in Gomti Nagar - 7388211116  - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update  Presentation SlidesKeppel Ltd. 1Q 2024 Business Update  Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 

Risk management models - Core Consulting

  • 1. © Continuity and Resilience – Copyright 2013 Risk Management and Models CII – Nov. 05, 2015
  • 3. About Continuity and Resilience (CORE) • ISO 22301 Certified Management Consulting Firm • Business Continuity Management • Crisis Management • IT Disaster Recovery • Green IT • Risk Management • Information Security Management • We Consult / Train / Assess and Certify in these domains
  • 4. A person who can foresee problems / difficulties and identify proactive solutions will live happily - Chanakya (350 – 283 BC), Author of Artha Sasthra
  • 5. What is Risk? • Risk is the potential that something will go wrong as a result of one or a series of events. To get profit without risk, experience without danger, and reward without work, is as impossible as it is to live without being born. - A.P. Gouthe
  • 6. Risk Definitions – the change over time (Source: Definition) • ISO/IEC Guide 51:1999: Combination of the probability of occurrence of harm and the severity of that harm • ISO/IEC Guide 73:2002: Combination of the probability of an event and its consequence • AS/NZS 4360:2004: Chance of something happening that will have an impact on objectives • COSO (2004) ERM Integrated Framework: Events with a negative impact represent risks, which can prevent value creation or erode existing value. Events with positive impact may offset negative impacts or represent opportunities. • ISO 31000:2009: Effect of uncertainty on objectives • ISO 22301:2012: Effect of uncertainty on objectives
  • 7. Harmonization of International Standards • ISO/IEC 31000 - Risk management – Principles and guidelines • ISO/IEC 31010 - Risk management – Risk assessment techniques • ISO/IEC 27001 - Information technology – Security techniques – Information security management systems – Requirements • ISO/IEC 27005 - Information technology – Security techniques – Information security risk management systems
  • 9. Universe of Risks - 2 Natural Manmade Accidental Internal External
  • 12. Why are we talking about Risk?
  • 13. Today’s networks are more exposed to threats & risks Gartner brought up an interesting concept: "Perimeters and firewalls are no longer enough; every app needs to be self-aware and self-protecting." The risk environment is constantly changing. Financially-motivated, targeted attacks are increasing – but most security processes and technologies are failing to keep up. Exposure points
  • 14. “Risk comes from not knowing what you’re doing” - Warren Buffett Well, then I guess, we both are in deep trouble
  • 15. About … Risk Management In assessing risks, technical people tend to focus on technical issues which have occurred to them, but the major risks for a product may be business-related – obstacles they don’t consider as often.
  • 16. What is Risk Management? Who uses Risk Management? How is Risk Management used? Risk Management Models
  • 17. • Good management practice • Process steps that enable improvement in decision making • A logical and systematic approach • Identifying opportunities • Avoiding or minimizing losses What is Risk Management?
  • 18. Risk Management is the name given to a logical and systematic method of identifying, analysing, treating and monitoring the risks involved in any activity or process. What is Risk Management?
  • 19. Risk Management is a methodology that helps managers make best use of their available resources What is Risk Management?
  • 20. Coordinated activities to direct and control an organization with regard to risk What is Risk Management?
  • 21. Risk Management - Benefits • Likelihood of achieving objectives is increased • Proactive management is encouraged • Identification of opportunities and threats is increased • Legal and regulatory compliance is achieved • Improvement in mandatory and voluntary reporting is achieved • Governance is improved • Interested parties’ confidence and trust is enhanced • Decision making and planning is improved • Resource allocation is effective
  • 22. Risk Management - Benefits • Operational effectiveness and efficiency is improved • Health and safety performance is enhanced • Environmental protection is improved • Loss prevention and incident management is improved • Losses are minimised • Organisational learning is improved • Overall improvement in organisational resilience is achieved
  • 23. Risk Management practices are widely used in public and the private sectors, covering a wide range of activities or operations. These include: Who uses Risk Management? • Finance and Investment • Insurance • Health Care • Public Institutions • Governments
  • 24. • Effective Risk Management is a recognized and valued skill. • Educational institutions have formal study courses and award degrees in Risk Management. • The Risk Management process is well established. (International RM process standards.) Who uses Risk Management?
  • 25. Risk Management is now an integral part of business planning. Who uses Risk Management?
  • 26. Risk Management - Myths • “We can only do so much; then whatever happens, happens.” • “Don’t be concerned with Risk Management (RM); there is nothing in it that applies to non-financial businesses.” • “It’s hard to find someone who has the expertise to address all risks across the organization. Isn’t that what the CEO and CFO should be doing?” • “Buying insurance manages the risk, doesn’t it?”
  • 27. Risk Management - Myths • “Risk management is only for large companies” • “We have lots of insurance” • “We already have a safety program” • “We haven’t had any problems so far” (but WE ARE ALWAYS ONE DISASTER BEHIND) • “It’s too expensive to implement a program” • “My company doesn’t have ethical risks.”
  • 28. 28
  • 29. The Risk Management process steps are a generic guide for any organisation, regardless of the type of business, activity or function. How is Risk Management used? There are 7 steps in the RM process
  • 30. “The first step in the risk management process is to acknowledge the reality of risk. Denial is a common tactic that substitutes deliberate ignorance for thoughtful planning.” --Charles Tremper
  • 31. The basic process steps are: Establish the context Identify the risks Analyse the risks Evaluate the risks Treat the risks
  • 32. ‘Risk’ is dynamic and subject to constant change, so the process includes continuing: Communication & consultation and Monitoring and review
  • 33. The Risk Management process: The strategic and organisational context in which risk management will take place. For example, the nature of your business, the risks inherent in your business and your priorities. Communicate & consult Establish the context
  • 34. The Risk Management process: Communicate & consult Monitor and review Identify the risks • Defining types of risk, for instance, ‘Strategic’ risks to the goals and objectives of the organisation. • Identifying the stakeholders (i.e., who is involved or affected). • Past events, future developments.
  • 35. The Risk Management process: Communicate & consult Monitor and review Analyse the risks How likely is the risk event to happen? (Probability and frequency?) What would be the impact, cost or consequences of that event occurring? (Economic, political, social?)
  • 36. The Risk Management process: Communicate & consult Monitor and review Evaluate the risks Rank the risks according to management priorities, by risk category and rated by likelihood and possible cost or consequence. Determine inherent levels of risk.
  • 37. The Risk Management process: Treat the risks Develop and implement a plan with specific counter-measures to address the identified risks. Consider: • Priorities (Strategic and operational) • Resources (human, financial and technical) • Risk acceptance, (i.e., low risks)
  • 38. The Risk Management process: Document your risk management plan and describe the reasons behind selecting the risk and for the treatment chosen. Record allocated responsibilities, monitoring or evaluation processes, and assumptions on residual risk. Communicate & consult Monitor and review Treat the risks
  • 39. The Risk Management process: Communicate & consult Risk Management policies and decisions must be regularly reviewed. Monitor and review In identifying, prioritising and treating risks, organisations make assumptions and decisions based on situations that are subject to change, (e.g., the business environment, trading patterns, or government policies).
  • 40. The Risk Management process: Risk Managers must monitor activities and processes to determine the accuracy of planning assumptions and the effectiveness of the measures taken to treat the risk. Methods can include data evaluation, audit, compliance measurement. Communicate & consult Monitor and review
  • 41. The Risk Management process: Establish the context Identify the risks Analyse the risks Evaluate the risks Treat the risks
  • 42. Famous Quotes “Business as usual is business at risk” - Deloitte Old whitepaper “The problem in my life and other people’s lives is not the absence of knowing what to do, but the absence of doing it” - Peter F Drucker
  • 43. “Good Risk Management fosters vigilance in times of calm and instills discipline in times of crisis.” --Dr. Michael Ong
  • 44. “Risk management should be an enterprise-wide exercise and engrained in the business culture of the organization.” -- Julie Dickson
  • 45. “If you treat risk management as a part-time job, you might soon find yourself looking for one.” --someone in Deloitte
  • 46. 4 T’s of Risk Management • Tolerate (what is within your risk appetite) • Treat (by investing) • Transfer (through insurance) • Terminate (the risk / process itself)
  • 47. Heat Diagram (before and after treatment) • Number of risks falling in the Red and Amber should reduce after treatment • These should further reduce after treatment of the residual risks • Which must further keep reducing over a period • While new risks may also appear
  • 49. Risk Management Maturity Model • No established Maturity Model for Risk Management exists now; • But one can easily be developed and adopted “If you can't describe what you are doing as a process, you don't know what you're doing” W. Edwards Deming
  • 50. RM Maturity Model - Deloitte sample
  • 51. RM Maturity Model • Levels and Parameters defined by someone else • Level 1: Ad hoc. Undocumented; in a state of dynamic change; depends on individual heroics • Level 2: Preliminary. Risk defined in different ways and managed in silos. Process discipline is unlikely to be rigorous. • Level 3: Defined. A common risk assessment/response framework is in place. Organization-wide view of risk is provided to executive leadership. Action plans implemented in response to high priority risks.
  • 52. RM Maturity Model • Levels and Parameters defined by someone else • Level 4: Integrated. Risk management activities coordinated across business areas. Common risk management tools and processes used where appropriate, with enterprise-wide risk monitoring, measurement and reporting. Alternative responses analyzed with scenario planning. Process metrics in place. • Level 5: Optimized. Risk discussion is embedded in strategic planning, capital allocation, and other processes and in daily decision-making. Early warning system to notify board and management to risks above established thresholds.
  • 53. Other RM Standards • ISO 14971 • Medical devices – Application of risk management to medical devices • ISO/IEC 16085 • Systems and Software Engineering - Life cycle processes – Risk management • ISO 17666 • Space systems – Risk management • ISO/IEC 27005 • Information technology – Security techniques – Information security risk management
  • 54. Other RM Standards • AS/NZS 4360 • Risk Management** • COSO Enterprise Risk Management – Integrated Framework • NIST 800-30 • Risk Management Guide for Information Technology Systems ** Base standard for ISO 31000; is the first international standard on Risk Management
  • 55. BT Risk Process & Activity Lifecycle (PDCA Model) Deming Cycle: Plan, Do, Check, Act • 1. Define: 1.1 Stakeholders, 1.2 Risk Management Executive, 1.3 Scope • 2. Risk Analysis: 2.1 Risk Identification, 2.2 Identify Appetite, 2.3 Calculate Risk, 2.4 Decide Response • 3. Select Control Criteria & Implement Controls: 3.1 Choose Controls, 3.2 Implement Controls • 4. Audit & Testing of Controls: 4.1 Internal Testing/Auditing, 4.2 External Testing/Auditing, 4.3 Accreditation • 5. Improvement Plan: 5.1 Agree, 5.2 Monitor • 6. Incident Management: 6.1 Monitor, 6.2 Respond, 6.3 Record, 6.4 Categorise
  • 56. Other Strategic Risks • Recently, the following have been gaining a lot of importance • Sustainability Risks • Cloud Computing Risks
  • 57. Risk Management Rules 1. Don’t underestimate your risks 2. Risks don’t go away (they exist as they are) 3. Certifications don’t make you ready 4. You can’t just rely on technology 5. Be careful of professional burnout 6. Look after your (precious) data 7. Risk Management? Incident Management? 8. Manage risks from top down 9. Don’t reveal your internal documents 10. Lies, damn lies and statistics…
  • 58. A Balanced Approach - Risks need to be understood • Potential Threats to Assets • Potential Vulnerability • Reality Check • Balanced Solution • Risk Appetite • Solution for Acceptable Risk Mitigation [Diagram: Low/High scales; labels: Information Security Cost Risk Usability] Risk Management is the management of Trade-off
  • 59. There must be a balance!
  • 60.
  • 61. © Continuity and Resilience – Copyright 2013 Thank You
  • 62. CONTINUITY & RESILIENCE Email: info@continuityandresilience.com Website: www.continuityandresilience.com http://www.coreconsulting.ae/