ERM vs IIA’s 3 LoD: Spot The Difference
The 3 Lines of Defence (3 LoD) concept is not new, having first started in the wake of the Dotcom Shakeout about 20 years ago. It was a turbulent time for many companies; people were not managing risk properly. Not only were there deficiencies in managing risk, risk identification, ownership,
IERP®-UoW Townhall: Future-Proof Your Career As An Enterprise Risk Manager
A recent IERP®-UoW Townhall session focused on the potential of risk management as a long-term, lucrative career, with presenter Ramesh Pillai, Chairman of the IERP® stating right at the outset, that risk management was not so much about helping businesses avoid risks, as about helping organisations achieve their objectives. “It’s
What Is Missing In The ISO 31000 Guidelines
Drafted by the International Organization for Standardization, ISO 31000 is a set of guidelines that is intended to help organisations implement better risk management. It is designed to be used by any organisation operating in any industry. There is no certification for ISO 31000, unlike other ISO standards. With the
Why GRC Should Be Top-Of-The-Mind For All Board Directors
What does a Board do? The Board of Directors’ responsibilities include delivering effective leadership, developing strategy and giving proper direction to the organisation so that it operates successfully, within all legal, regulatory and compliance bounds, and is able to deliver value to its shareholders. But in today’s dynamic, volatile corporate
What Has ESG Got To Do With Enterprise Risk Management?
Environmental, Social and Governance (ESG) requirements are gaining prominence in many large organisations. Investors and stakeholders are starting to pay closer attention to how companies treat their environment, conduct themselves as corporate citizens, and carry out their governance responsibilities. Statistics have shown increasing funds flowing to “green” bonds and sustainability-linked
Balancing Oversight & Micromanaging: Where To Draw The Line?
Oversight, a critical function performed by Boards, is a component of good corporate governance, and is necessary to ensure that policies, plans, programmes and projects achieve the desired results, and comply with rules, regulations and ethical standards. In the course of exercising oversight, the Board usually ensures that due diligence
The Rise of Technology and Data Risk
New technology, such as artificial intelligence (AI) and cloud-based storage, is fuelling concern over data risk. But what constitutes data risk? This usually refers to the risks that confront an organisation such as loss of value or reputation, due to the challenges it faces with regards to acquiring, storing, transforming
The Relationship Between BCM, DRP And Crisis Management
To determine the relationship between Business Continuity Management (BCM), Disaster Recovery Planning (DRP) and Crisis Management, these first need to be defined. BCM is the process of planning for disruptive incidents so that any damage and downtime resulting from the incident will not have extensive impact on the business.
Is Corporate Ethics The Same As Ethics?
Ethics, from the Greek word ethos, means knowing the difference between right and wrong, and doing the right thing; it is the moral principles that govern a person’s behaviour. Corporate ethics, sometimes also referenced as business ethics, is the code of conduct which guides an organisation in its business dealings;