About BWise

Blog

To know or not to know

September 29, 2015 by
Filed under: Governance, Risk and Compliance, Risk Management

“I don't need risk management. I know what's going on in my company”. A clear statement and one frequently heard from the top of an organization. Often people with a great hands-on mentality and true entrepreneurial spirit have the feeling that Risk Management is formalizing a process a good boss would do by himself.

This seems a very strong argument: how can you be opposed to people who really know what's going on, and hate being informed by 'just an abstract dashboard'. So, why does it make sense to have proper risk management implemented?
First of all: you don't know what you don't know. As the famous saying goes: "Only Santa Claus can be at two places at the same time". It is simply not possible to know everything, and when there is a process in place to make sure people report risks; there is the chance you know more.

Secondly, not everybody is in a position to be everywhere. It is normally the top of the organization that is able to do this (and should be doing this). But risk management is not just information flowing bottom to top. Many others in the organization simply don't have the bandwidth, and don't have the authority. Still, they would greatly benefit from the insights, the challenges, the benchmarks, the risks and the mitigating actions. Only a formalized risk management process can resolve this.

Thirdly, the tone at the top is vital here. Communicating risks needs to be formalized. Once a risk is communicated, it is deemed important. The risk management culture follows on from this and develops over time. This doesn't mean Kafka 2.0 should be implemented; risk management is a process, helped by technology, and driven by people.

So, I believe the dashboard will never replace the actual communication being there, the talking, and the asking of difficult questions. Risk management however, when properly implemented, helps to ask those questions, and helps to make things actionable, and ensures they are monitored.

Tags: BWise, Risk, Risk Management

More Information

What is GRC?

Read the definition of Governance, Risk and Compliance


Gartner ORM report

Nasdaq's BWise has been positioned as a Leader in Gartner's Magic Quadrant for Operational Risk Management Report, 2015. 


Forrester report

Forrester positioned Nasdaq BWise as a Leader in New Report, The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016.


Why BWise

Download the brochure: Three Key Reasons why Hundreds of Customers Rely on Nasdaq BWise.

Scroll up