About BWise

Blog

Hosting a Round Table at OpRisk Europe: 'Getting the framework right'

June 9, 2011 by
Filed under: General, Governance, Risk and Compliance, Risk Management

Hosting a Round Table at the OpRisk Europe event in London, on the topic of 'getting the framework right' -a vital component in any risk management, compliance and most certainly any GRC initiative.
It is critical to get a consistent and sustainable risk framework that will be extensive enough to cover past, current and future vision, mergers and acquisitions. It needs to be geared towards the organizational culture, be it very centralized, with a common framework used throughout the organization; or very decentralized for organizations with less formal central steering on risk and compliance management. The first centralized approach solicits the questions for clear guidance on how to read and interpret the organization, as there are many local differences. The latter more decentralized approach solicits ways to meaningfully aggregate information. Clearly, a balance needs to be found between for instance, the level of adoption on one hand and ease of risk aggregation and reporting on the other. Not a simple task, but happy to help.
Now on to Reputation...
Another interesting discussion occurred around reputational risk. Is reputational risk a risk in itself that belongs in the risk framework, or should it be viewed as a dimension of any risk? In this view, any event or any risk may have a reputational impact. To me, the latter approach is by far the preferable way to go, as it puts reputation at the right (high importance) level. Rather than isolating it in its own risk framework bucket, you acknowledge that everything might have a reputational impact, high or low. Interestingly enough, reputation has become so important that 'taking it out of the framework, would not be unacceptable', as one risk expert recently told me. Interestingly enough, this view is seen as taking reputation out of the framework, rather than giving it the proper place in the framework. Some may argue they currently have an owner for every risk, and they have or need to have an owner for reputational risk. Well, the entire organization may cause a reputational damage, everybody is an owner but there is only one accountable, and that is the CEO. Same story for other dimensions of risk such as financial, safety, etc...

risk-managementFor us, as providers of risk solutions, it is important to provide proper insights and reporting to enable communication that clearly represents reputational risk, such that senior management gets a financial view on risks and a reputational view on the same risks. Then, maybe a view of the other dimensions we talked about before, depending on the industry you're in.

Tags: BWise, Risk, Risk Management, GRC, Enteprise Risk Management

More Information

What is GRC?

Read the definition of Governance, Risk and Compliance


Gartner ORM report

Nasdaq's BWise has been positioned as a Leader in Gartner's Magic Quadrant for Operational Risk Management Report, 2015. 


Forrester report

Forrester positioned Nasdaq BWise as a Leader in New Report, The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016.


Why BWise

Download the brochure: Three Key Reasons why Hundreds of Customers Rely on Nasdaq BWise.

Scroll up