How to reduce critical infrastructure risks by enhancing the security culture among employees?
The recent disruption in the medicine supply in Ljubljana has proven that risks and adverse events are not just a theory, or something that happens only to others. The same can be said for the possible occurrence of multi-million-dollar financial damage and “immeasurable damage to the company’s reputation and customer confidence”. In addition to the […]
What is risk perception and how can we improve it?
[GUEST AUTHOR]: doc. dr. Brane Bertoncelj, Former director of cash management department at the Bank of Slovenia Risk is a personal, professional and social overburden. “How safe is safe enough?” is the common denominator of an increasingly difficult decision-making in identifying an acceptable risk in a precarious social environment. Risk perception requires us the assessment […]
Why Study Risk Management and Corporate Security?
In a competitive business landscape, the most successful organizations are those that have managed to adapt to the new conditions as quickly as possible and to control the risks imposed. Despite being constantly faced with internal and/or external factors that affect the uncertainty and unpredictability of the situation and the achievement of business goals, it […]
Risk assessment [Part 2]: How to assess risks in practice?
In my previous blog post I talked about risk measurement system, which I will now present you in practice. I am sure this approach will make it easier to evaluate the risks in your every day work. I often say to our clients that the system is merely a tool, which is why it cannot capture all […]
Risk assessment [Part 1]: Setting up the risk measurement framework
In our second instalment of our risk management process series, we are going to look more closely to the process of assessing risks. Fundamental step for risk assessment is the setup of the risk measurement framework. In effect this means that before we start the actual assessment, we must decide a set of criteria that […]
From Theory to Practice: Managing Risks in an ICT company
Content on risk management often seems theoretical and something that has little to do with the reality. This is why this time I am presenting a practical example of how we identified the main risks and took measures to prevent their realization, that could in a worst-case scenario jeopardize the very existence of our company. […]
How to define “a risk”?
Similarly as to an individual, “a risk” to a company represents a future uncertain event with probable negative consequence. People see, or notice those risks, that have a negative impact on their physical health that can result in a death (such as cancer, stroke, traffic accident). For companies, such events represent all risks that negatively […]
How to identify risks?
Before starting any systematic risk management efforts, it is crucial to identify the risk that the company is exposed to. The aim of the risk identification process is to establish a catalogue of risks or so called “risk register”. While this process usually is relatively intuitive there are few pitfalls that should be taken into […]
How to manage risks systematically?
Systematic enterprise risk management is a never-ending process in a company that ensures that the risks are appropriately managed. Risk management process is in its simplest form divided into 4 main phases: 1) Identification 2) Assessment 3) Treat 4) Control While many ERM books make it sound complicated really is not. First, we must identify […]
How to adequately evaluate what DOESN’T happen within an organisation? [PART 1]
The role of ROI in managing organisational risks When something happens within an organisation, it is easy to quickly evaluate the effect of said event and determine the responsible department or person. It is more complicated, however, to do the opposite: if nothing earth-shattering happens within an organisation, it is almost impossible to prove that […]