A number of years ago, while living near Houston, Texas and working for a major oil company as an audit director, I joined the local volunteer fire department in my community.
As a new member, I was assigned the task of carrying out a fire inspection at our local middle school. I was part of a team that included more highly-trained fellow volunteers.
Auditing Fire Risks
Being an experienced auditor, I was certain I was up to the task. I knew all about controls and I thought that knowledge would come in handy. My plans were to meet up …
For many people, risk management helps companies make sure that their compliance risks are monitored and that they have controls in place to take care of them.
Personally, I strongly believe that risk management is much more than that – it helps companies really steer their business, avoid roadblocks, seize opportunities, and react appropriately.
Key Risk Indicators (KRIs) are indicators of the possibility of a future adverse impact on the organization. They serve as an early warning system to the stakeholders and enable preventive action to be taken directly on the risks and opportunities flagged.
In that sense, they …
Recently I was perusing a relatively unknown corner of ISO 31000 Risk Management —Principles and Guidelines— and long dormant memories flooded back.
The ISO section I was reading, Monitoring and Review (s 5.6), deals with the sorts of metrics that should be monitored to ensure the risk management system’s working. For example, it suggests monitoring indicators of control effectiveness, incidents (near misses), issues, key risk indicators, loss events, and other relevant variables important to the risk management process.
Years ago, I was appointed manager of accounting for what was then a mid-sized oil and gas company with operations …