Julie Goran, Laura LaBerge, Ramesh Srinivasan

The critical question for executives concerned with their organization’s risk appetite is whether they are trusting their employees, at all levels, to make big enough bets without subjecting them to red tape.

Sanjay Kalavar, Mihir Mysore

In our experience, it helps to think of a crisis in terms of “primary threats” (the interrelated legal, technical, operational, and financial challenges that form the core of the crisis) and “secondary threats” (reactions by key stakeholders to primary threats). Ultimately, the organization will not begin its recovery until the primary threats are addressed, but addressing the secondary threats early on will help the organization … [ Read more ]

Joseba Eceiza, Piotr Kaminski, Thomas Poppensieker

Nonfinancial risk has typically been addressed by one-off showcase initiatives based on a specific regulation or requirement, and left to experts in each field. What principles exist typically focus on adhering to formal standards and providing evidence that appropriate controls are in place. They are usually not embedded into the business but are instead delegated to risk and compliance departments, which have a limited understanding … [ Read more ]

A Comprehensive Approach to Managing Social Media Risk and Compliance

Traditional risk management policies and procedures were not designed for, quite literally, minute-by-minute monitoring of social media chatter to identify brand, strategy, compliance, legal and market risks.

Those risks are considerable. Financial institutions have had to shut down social media forums due to unanticipated negative feedback; the stock markets have been buffeted by fraudulent social network postings; businesses have had to change or rescind strategies … [ Read more ]

Are You Prepared for a Corporate Crisis?

No one can predict when disaster will strike—but knowing what to expect if it does will buy precious time.

Nonfinancial Risk Today: Getting Risk and the Business Aligned

Risk managers may argue that the basic principles of Risk and Control Management (R&CM) are well established, and indeed enshrined, in industry standards. The concepts may indeed be broadly known, but they are applied in such a scattered fashion that they are not fit for purpose.

The resourcing and costs of the R&CM approach should be aligned with the company’s structure, business model, and risk profile. … [ Read more ]

Chipotle Eats Itself

Fast Company’s most extensive article in eight years, informed by hundreds of hours of interviews from inside and around the company, thousands of pages of documents that were leaked to us, on-site reporting from farms to industrial kitchens, and revealing discussions with Steve Ells, his co-CEO Monty Moran, and other top Chipotle leaders. It is an eye-opening, entertaining, and unvarnished look at a company and … [ Read more ]

Nestlé’s Half-Billion-Dollar Noodle Debacle in India

Nestlé spent three decades building a beloved noodle brand in India. Then the world’s biggest food and beverage company stumbled into a public relations debacle that cost it half a billion dollars. A cautionary tale of mangled crisis management on an epic scale.

Preventing Social Media Armageddon

The accessibility and fluidity of social media leaves organisations open to significant risks. But there are countermeasures organisations can take to prevent reputation disaster.

Tucker Bailey, James M. Kaplan, Chris Rezek

When companies think about cybersecurity […] most ask, “How can we protect ourselves and comply with standards or regulations?” instead of “How do we make confident, intelligent investments given the risks we face?” Many also treat cybersecurity primarily as a technology function rather than integrating it into business operations. As a result, they get the wrong answer about how to construct a cybersecurity program.

What Have the Past 30 Years Taught Us About Managing Risk?

The problem with many catastrophic risks isn’t just that their impacts, when they hit, are so massive. It’s also that their odds of occurring in any given short time frame are very small, so that planning for them has to be handled as a long-term priority while the proverbial sun is shining. And neither companies nor individuals are particularly apt at taking serious, long-term action … [ Read more ]

Pragmatic Risk Management in a Tightly-Coupled World

Globalization has created new opportunities and new threats. As sourcing from around the world made supply chains longer and more complex, the volatility inherent in production significantly increased. The number of supply chain members and the interactions among them has grown, exacerbating the lack of transparency in the operating environment. Company executives have increased profitability through ever-shorter times-to-market and product life-cycles, business processes improvement, just-in-sequence … [ Read more ]

Gerd Gigerenzer

Just imagine, a few centuries ago, who would have thought that everyone will be able to read and write? Now, today, we need risk literacy. I believe if we teach young people, children, the mathematics of uncertainty, statistical thinking, instead of only the mathematics of certainty – trigonometry, geometry, all beautiful things that most of us never need – then we can have a new … [ Read more ]

Gerd Gigerenzer

We need statistical thinking for a world where we can calculate the risk, but in a world of uncertainty, we need more. We need rules of thumb called heuristics, and good intuitions. That distinction is not made in most of economics and most of the other cognitive sciences, and people believe that they can model or reduce all uncertainty to risk.

The Art of Risk Management

Risk management isn’t just a matter of complex financial models and formal risk-management systems. It is an essential value-creating activity that should inform the strategic debate at every level of the organization. Here are ten basic principles that should govern “the art of risk management.”

David Greenberg

The future of risk management lies in an ability to incorporate and inspire more of the behaviors we want, finding new models to map, monitor, intervene, support, and react to the behaviors of individuals and groups—both the behaviors we want to encourage and those we’d like to avoid. Critically, this taking account of behavior means that we need a much sharper comprehensive strategy for corporate … [ Read more ]

From Risk to Resilience: Using Analytics and Visualization to Reduce Supply Chain Vulnerability

Complex supply chains require sophisticated, connected tools to monitor risks, predict disruptions, and support rapid recovery as part of an overall resilience strategy. For leading companies, this line of thinking has led to an increase in adoption of advanced tools grounded in analytics and visualization.

Nassim Nicholas Taleb

Rank beliefs not according to their plausibility but by the harm they may cause.

Instinct Can Beat Analytical Thinking

Researchers have confronted us in recent years with example after example of how we humans get things wrong when it comes to making decisions. We misunderstand probability, we’re myopic, we pay attention to the wrong things, and we just generally mess up. This popular triumph of the “heuristics and biases” literature pioneered by psychologists Daniel Kahneman and Amos Tversky has made us aware of flaws … [ Read more ]

Field Marshal Erwin Rommel

If you can recover from the loss, it’s a risk. If not, it’s a gamble.