Managing risk within the confines of your own business is hard enough. When you tack on risk associated with vendor relationships, the complexity only grows. As business leaders, we have to carefully manage vendor relationships to protect our customers, employees and stakeholders, but the process can be daunting.
With each release, I make time to analyze the key features and perform updates across our full suite of Internal Audit, Risk Management and Compliance solutions. As I do this, I’ll be sharing my thoughts, ideas and insights here on the blog, if only to help spark ideas for our clients on how they, too, can use Onspring to the fullest.
One thing is certain: the unexpected will occur. Storms will pop up and our skills and coping mechanisms will be tested. Organizations must identify where they are exposed, apply an appropriate response for addressing the risk, and implement a mechanism to constantly monitor and reassess the risk and their response to it. Otherwise, we risk getting stuck by the side of the road in a driving rain.
When you develop software, there are many stages of the design phase that are highly critical to the final product. Too often, companies are in a rush to push feature releases or changes to their products that are “box checkers.” They’re trying to compare themselves to a competitor in a favorable light, without actually thinking about the problem in depth, or not considering things such as long-term performance and usability.
How does a financial services company launch an Enterprise Risk Management (ERM) program with a department of just a few? The Onspring team had the opportunity to work with an organization to help build their ERM program from the ground up. Now, with multiple years of data to review, the company has discovered tangible benefits, wide sweeping perception improvements and actionable data to facilitate change in the right direction.
When risk taking tips over into unethical behavior, organizations face potentially catastrophic outcomes. But is all risk-taking bad? Certainly not. In fact, it’s essential for business growth. To put it simply, a business that takes no risks is quickly out of business.
Yesterday, I picked up the July 11 edition of the Wall Street Journal. As I skimmed the front page, the following headline drew my attention: “Under Fire, Theranos CEO Stifled Bad News.” A CEO stifling bad news? Sounds like an interesting Tone at the Top tale to this former auditor!
During the first two weeks of March, I was fortunate enough to represent Onspring as an exhibitor at two excellent industry conferences: RSA Conference in San Francisco and the Institute of Internal Auditors General Audit Management Conference in Dallas. Both conferences afforded us a great opportunity to raise awareness about the Onspring platform and solutions, as well as our company’s philosophy of solving problems by providing high quality solutions and services.
With no breaks, no interruptions and no rabbit holes, we had less than 15 minutes to introduce a risk, provide background, discuss and ask questions, and have each executive submit their six ratings—a pretty daunting sum of activities in a very short span of time. We knew this was an ambitious feat and would require careful preparation to pull it off. So we established the following ground rules to help us execute a productive meeting.