Dear Readers,
although being not the first one to post in our GRC community this year I'd like to welcome everybody back to our series of posts on topics concerning Governance, Risk & Compliance Management. We have experienced a lot of high quality discussions last year based on the posts published and have had a lot of positive feedback. So be sure we will carry on!
What we would like to encourage everybody though is to make replies, feedback and your own valuable views also public in this forum - it is open to any qualified opinion: use the commentary function or post your own ideas and start discussions.
Dr. van den Brink already beat me being first this year and opened a new parallel series we will label #RiskTalk to ensure risk topics will get the same attention as compliance topics did. Risk Management is a bordering discipline to Compliance but quite often has to step back behind pressing regulatory topics. At least if you are not in an industry that is now regulating risk management like the financial services industry is today: If you are in banking or insurance risk management is now a even more serious compliance topic. But if you are in these industries you most probably anyhow knew about Risk management before - regardless of how successful your risk control had been in the last years.
But looking at the start of 2011 we see already in the first days of business significant risk topics becoming public. In Germany we have our first scandal concerning dioxin in our food chain. First investigations indicate that animal food used in farming has been contaminated purposely for the sake of profit. There is a lot to be said about the effectiveness of governement controls on the one side but also about the difficulty of catching those with criminal intent. What it should trigger though is a discussion about third party risk: Several farmers loose a substantial part of their "production" because of a risk event in their supply chain. What could effect yours? Do you know your third party risk? Do you manage it?
Overall we did take note of the risk report of the World economic forum. It lists a substantial set of (admittedly) high level global risks - and it is good to see that this kind of analysis is undertaken. On the first glance it does not affect us and our business. But don't it? It leaves a certain uneasiness in us as it clearly states that the world economy is not recovered enough after the crisis to take any other serious blow today. And the increasing threat of cyber criminality in all its aspects - do you know how prone your business is to that kind of "attack"?
So beside catching up on a lot of topics after the Christmas break I had a interesting time pondering about such news. The world didn't change over the year and the challenge for us in the GRC-profession is still high. I wish you all a lot of success in 2011 and hope you stay tuned with us on www.grc-lounge.com.
After all - no risk no fun!
