IRM Chair's presentation - some nice elements in this, such as
- Risk culture being "at its simplest...how 'risk management' is factored into decision making" - I would go further and make this the most complex definition, rather than elaborate
- Nice transposed diagrams of how certain risk cultures need to implement ERM in certain ways
- Around half are lumping "risk culture" and "embedding risk management" into their (Risk?) Solvency II Workstream (i.e weren't planning for it otherwise)
- Quarter had no sponsor for risk culture work
- Around 30% cited "lack of access to management time" as a challenge
- No real favoured technique for assessing risk cultures or embedding risk management - number of options cited
- None of the 9 relevant participants had received a "poor" rating from S&P for their ERM structure
- Not many outliers on the questions regarding risk governance, risk resources, risk transparency and responding to bad news - most were 2/3 out of 4
- Few more outliers in questions on risk competence, making risk decisions and rewarding risk taking - suggests that, while companies are relatively competent at 'playing at doing risk', at the sharp end the relevant skills and attributes are by no means compulsory
No comments:
Post a Comment