Practical enterprise risk management: a business process approach
Duckert, Gregory H.
CONTENTS: Preface. Acknowledgments.
Chapter 1: Corporate Governance: A Gut Check. The Great SOX Fallacy. The Visionary Challenged Leading the More Visionary Challenged. Going Back to the Future? How Not to Run IT. Systemic Failure: Critical Shortcomings of Application Systems Implementation. What Is GRC Anyway? Are You Cubin'?
Chapter 2: What ERM Is and What It Is Not. Don't Be Mislead: What ERM Is Not. Key Qualities of an Effective ERM. Primary Components of Risk Assessment. Need for a BRAIN (Business Risk Assessment Information Network). Process of Creating a BRAIN.
Chapter 3: Understanding What the Business Is. Defining the Business. A Banking Example. Answering the Key Question: What Is the Business? Determining the Core Business Processes. Setting the Structure: Creating a Physical Map. A Medical Example: A Healthcare System. Impact Analysis.
Chapter 4: Defining What True Business Risk Is. It's About the Outcome Stupid! Risk Never Lives Alone. Defining Baseline Categories of Business Risk. Evaluating All of the Possibilities: The Risk Universe. Using the Business Structure to Drive the Risks. Distributed Risk Assessment and Management (DRAM).
Chapter 5: Objectively Defining Risk. Defining Risk in the Context of the Business Using the Business Defined Data Structure. Why Use Data to Define Risk: The Three Attributes. Data Centric ERM (DCERM). Multi-Dimensional Risk Assessment.
Chapter 6: Building a Fluid/Dynamic Risk Model. The Model and Why It Is Necessary. Moving from Reactive to Proactive Risk Management. OR Data and Why It Is Critical. KRIs Not KPIs. Options on How to Drive the Model. Dashboard Indicators. Key Early Warning Indicators. Determining the Key Risk Indicators. Universal Risk Indicators. Financial, Operational, Regulatory, and Technological KRIs.
Chapter 7: Top-Down Risk Assessment: Evolving the Fluid ERM Environment-A Step By Step Approach. Building ERM One Step at a Time. Mapping the Physical Structure of the Enterprise. Defining the Business Risks of the Enterprise: Utilizing Key Outcomes. Developing KRIs for Assessing Risk for the Entire Enterprise. Detailed Inventories of KRIs: When Greater Automation/Sophistication Is Achieved. Building a Baseline Risk Register. Embedding Risk Registers and Key Information in the Physical Mapping. The Modular Approach. Determining a Focused Outcome Group (FOG). Net Risk versus Residual Risk. Business Risk Analysis Techniques (BRATs). Utilizing Logical Data Pathways to Focus on Root Cause and Resolve It.
Chapter 8: The Future Evolution of the Model. ERM for the Twenty-First Century. Systems Strategies. Design Criteria and Specifications. Designing Risk Centric Systems for Efficiency/Governance: Step by Step. Dynamically Integrated Risk Evaluation (DIRE). Triggers and MOMS. Real Time Profiling. Setting Standards for Future Evolution.
Chapter 9: Related Topics and Special Risk Situations. Managing Risk/Auditing Real Time. Monitoring Controls with Metrics. Utilizing ERM to Reduce Audit Fees and Lower the Costs of Operation. Mergers and Acquisitions: Let's Buy Some More Risk. Outsourcing: What You Don't Know Could Kill Your Organization. Debunking the Outsourcing Myths: The Ventoro Study.
Chapter 10: Maximizing Impact Minimizing Exposure. Who Owns the Risk Management Process? Involving the Stakeholders: Creating a Critical Business Tool. Extending the Impact: Making It a Company Essential. Strategically Linking Key Risks and Key Controls: Creating a HOME. Building the DREAM HOME: Automating Even Your SOX.
About the Author. Index.
- ISBN: 978-0-470-55985-7
- Publisher: John Wiley & Sons
- Binding: Hardcover
- Pages: 288
- Publication date: 03/11/2010
- No. of volumes: 1
- Language: English