In this blog we keep you up-to-date and inform you with the news and trends in governance, compliance and risk
TPRM geopolitical
9 min readTPRM geopolitical risk is a live issue for energy and industrial companies. Here's how to assess supplier exposure and act before the next disruption hits.
Risk Session
7 min readA risk session only works if the right people contribute. Learn how to structure collaborative risk sessions that feed directly into your risk register.
Board risk reporting
9 min readMost board risk reporting either overwhelms directors or reassures them. Here's what genuinely useful board risk information looks like and how to produce it.
Integrated risk management
8 min readIntegrated risk management only works when every layer of the organisation contributes. Here's how to move from risk admin to a live, shared process.
Probabilistic risk analysis
9 min readProbabilistic risk analysis goes beyond single-point estimates. Learn how to apply it practically, when it's worth it, and what it tells you that a risk score cannot.
Risk appetite vs risk tolerance
9 min readRisk appetite vs risk tolerance: two terms used as synonyms that serve completely different functions. Here's what each does and what breaks when you blur the line.
Three lines of defense
9 min readThe three lines of defense model is widely known but rarely applied well. Discover the most common failure modes and what good governance actually looks like.
What is risk management
9 min readWhat is risk management? A clear, practical explanation of the definition, process, and why it matters for every organisation.
Risk management cycle
9 min readThe risk management cycle has five steps. In practice, they rarely happen in order. Here's how to navigate the cycle when reality gets in the way.
ISO 31000
9 min readISO 31000 is widely cited but rarely understood. Here is what the standard actually contains, where it helps, and where it leaves you on your own.
Most organisations maintain a risk register. Few actually use it to make decisions. Here's the difference between risk administration and risk management.