An ERM program should be as useful as a GPS, providing guidance and pointing out potential risks along the way.
When I go somewhere new, my GPS is an invaluable tool.
Before I leave, I can tell it where I want to go (if not from my current location, I give it a new departure point) and when. It will help me understand my options, not only different routes if I drive and how long each should normally take, but how I could travel using public transportation, etc.
This helps me plan the trip.
During my trip, it will help with:
- Projecting my time of arrival. This helps me know whether I am likely to arrive on time (achieve my objective)
- Indicating potential traffic delays, including known road repairs
- Offering alternate routes
- Warning me if I exceed the speed limit
- Letting me know where I can refuel my vehicle or myself (restaurants)
- Telling me of points of interests (opportunities)
- Showing me where I am on my path to my objective
The GPS helps me make informed and (hopefully) intelligent decisions so I can reach my objective safely and on time.
Does your ERM program do as much?
Or is it a list of things that could go wrong that you update every so often?
I welcome your comments.
By the way, by ERM I mean your enterprise risk management program – not a software platform.
- The risk is assessed as high. So what? - March 15, 2023
- Putting cyber risk into business perspective - February 15, 2023
- Twitter and risk - January 18, 2023